(12-26-2019, 05:06 PM)undeath Wrote: policygen generates a mask file which is then used in hashcat's mask attack, hence subject to the markov generator.

I do understand that. The problem is that it uses markov per mask. Which means that it will deplete the first mask completely before moving on to the second. In the example that I gave that ?l?l?l?l comes first than ?d?d?d?d, xyzk will be tested first than 1234. I'm looking for (but unsure if there is a way) to apply markov to "all masks" at once. The overall explanation would be something like:

Test for a password of 8 characters with at most 6 lowercase, at minimum 2 numbers, and so on, based on markov applied to all possibilites, not mask by mask. The output would be something like:

1 - 12345678

2 - john1234

3 - passwo12

It's almost like a ?a?a?a?a... mask but restraining the possibilities to the imposed restrictions. This seems actually really easy to implement, considering I imagine most of the time of the calculations is used actually hashing the string, not generating one. So if I have a mask with ?a?a?a... I could theoretically check if the conditions are met, and if not, just skip. But that would require changing the code in hashcat itself, I can't seem to find a way to do it from the outside. A pseudo code for this would look something like:

1-mask used: ?a?a?a?a

2-generate string

3-check requirements, if compliant, hash; else, skip.

This way markov would be applied to all possibilities at once, EVEN WITH THE RESTRICTIONS (which is the whole point of this, otherwise just using ?a?a... would solve the problem), making sure that 1234 is tested before zxat even if ?l?l?l?l is more likely than ?d?d?d?d