02-03-2017, 12:58 AM
(This post was last modified: 02-21-2017, 07:59 PM by pragmatic.
Edit Reason: Removed a "work-around" that wasn't
)
I did find that blog in my searches before asking, and that method did work, but it got ugly pretty quick for 4-byte characters. Basically it ended up using all four of the custom charsets just to define a single unicode char range, which left me none to use for other purposes.
For example if there were passwords that might contain mathematical alphanumeric symbols (codepoints 1D400-1D7FF), in order to capture those ranges, we need to do something like the following:
hashcat -a 3 -m 0 crackme --hex-charset -1 f0 -2 9d -3 909192939495969798999a9b9c9d9e9f -4 808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf ?1?2?3?4?1?2?3?4?1?2?3?4?1?2?3?4?1?2?3?4?1?2?3?4 -i
This is fine if the passwords are solely made up of characters from this set, but if they may also contain more typical ascii range characters then we're out of luck.
Overall, it would be much better/cleaner to have a way to reference unicode ranges more generally, kind of like hcchr files but with multi-byte values (let's say hcchrmb files). In that way you could reference ranges and encodings more freely such as:
hashcat -a 3 -m 0 crackme --hex-charset -1 charsets/unicode/3040_hiragana_utf8.hcchrmb -2 charsets/unicode/30a0_katakana_utf16le.hcchrmb -3 ?l?u?d?1?2 ?u?3?3?3?3?d?d -i
The above would provide a fairly intuitive and powerful way to crack against different ranges and encoding schemes that can't easily be achieved now.
Just a thought, anyway.
For example if there were passwords that might contain mathematical alphanumeric symbols (codepoints 1D400-1D7FF), in order to capture those ranges, we need to do something like the following:
hashcat -a 3 -m 0 crackme --hex-charset -1 f0 -2 9d -3 909192939495969798999a9b9c9d9e9f -4 808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf ?1?2?3?4?1?2?3?4?1?2?3?4?1?2?3?4?1?2?3?4?1?2?3?4 -i
This is fine if the passwords are solely made up of characters from this set, but if they may also contain more typical ascii range characters then we're out of luck.
Overall, it would be much better/cleaner to have a way to reference unicode ranges more generally, kind of like hcchr files but with multi-byte values (let's say hcchrmb files). In that way you could reference ranges and encodings more freely such as:
hashcat -a 3 -m 0 crackme --hex-charset -1 charsets/unicode/3040_hiragana_utf8.hcchrmb -2 charsets/unicode/30a0_katakana_utf16le.hcchrmb -3 ?l?u?d?1?2 ?u?3?3?3?3?d?d -i
The above would provide a fairly intuitive and powerful way to crack against different ranges and encoding schemes that can't easily be achieved now.
Just a thought, anyway.