Posts: 16
Threads: 10
Joined: Nov 2020
04-13-2021, 10:30 AM
(This post was last modified: 04-13-2021, 10:37 AM by xabbix.)
I've read previous posts about using more than 4 character sets and I see that it's not possible. Why is that? What's the logic behind not allowing any amount?
This is my issue and I'm not sure how to resolve it using anything other than a mask attack.
Let's take this password for example: ThisIsMyPassword9799!
I'm not sure about the capitilization, I may have capitalized some of the characters, or not. So I'd like to use something like
Tt,Ii,Mm,Pp?1his?2s?3y?4assword9799!
However, I'm also not sure if I switching o's with 0's, or which special character I've used at the end (and would like to avoid using ?s since I have a much smaller set). It's also possible that I've switching the a's with 4's.
How should I approach this? I'd like to use a Mask attack as it's the fastest and I feel that if I had a way to define more than 4 character sets it would be the best option for me.
Posts: 39
Threads: 1
Joined: Jan 2019
(04-13-2021, 10:30 AM)xabbix Wrote: I've read previous posts about using more than 4 character sets and I see that it's not possible. Why is that? What's the logic behind not allowing any amount?
This is my issue and I'm not sure how to resolve it using anything other than a mask attack.
Let's take this password for example: ThisIsMyPassword9799!
I'm not sure about the capitilization, I may have capitalized some of the characters, or not. So I'd like to use something like
Tt,Ii,Mm,Pp?1his?2s?3y?4assword9799!
However, I'm also not sure if I switching o's with 0's, or which special character I've used at the end (and would like to avoid using ?s since I have a much smaller set). It's also possible that I've switching the a's with 4's.
How should I approach this? I'd like to use a Mask attack as it's the fastest and I feel that if I had a way to define more than 4 character sets it would be the best option for me.
Hi,
Are you attacking a fast or a slow hash?
I do not understand your custom character sets. Can you list them please?
I understand them this way:
1: TtIiMmPp
2: his
3: s
4: assword9799!
hashcat -a 3 -m *your_mode* hash.txt -1 TtIiMmPp -2 his -3 s ?1?2?1?3?1 assword9799! (you can add the end of the password to the end of the mask. Not sure if you need a space or not).
But you must be sure about the right ending of your password.
Get what I mean? :-)
Posts: 16
Threads: 10
Joined: Nov 2020
04-13-2021, 01:44 PM
(This post was last modified: 04-13-2021, 01:45 PM by xabbix.)
(04-13-2021, 12:50 PM)Centurio Wrote: (04-13-2021, 10:30 AM)xabbix Wrote: I've read previous posts about using more than 4 character sets and I see that it's not possible. Why is that? What's the logic behind not allowing any amount?
This is my issue and I'm not sure how to resolve it using anything other than a mask attack.
Let's take this password for example: ThisIsMyPassword9799!
I'm not sure about the capitilization, I may have capitalized some of the characters, or not. So I'd like to use something like
Tt,Ii,Mm,Pp?1his?2s?3y?4assword9799!
However, I'm also not sure if I switching o's with 0's, or which special character I've used at the end (and would like to avoid using ?s since I have a much smaller set). It's also possible that I've switching the a's with 4's.
How should I approach this? I'd like to use a Mask attack as it's the fastest and I feel that if I had a way to define more than 4 character sets it would be the best option for me.
Hi,
Are you attacking a fast or a slow hash?
I do not understand your custom character sets. Can you list them please?
I understand them this way:
1: TtIiMmPp
2: his
3: s
4: assword9799!
hashcat -a 3 -m *your_mode* hash.txt -1 TtIiMmPp -2 his -3 s ?1?2?1?3?1 assword9799! (you can add the end of the password to the end of the mask. Not sure if you need a space or not).
But you must be sure about the right ending of your password.
Get what I mean? :-)
I'm attacking a fast hash and I get what you mean. What you're suggesting is a workaround that will attempt many passwords I do not wish to include. This was just an example, but I do have a lot of use cases where I simply need more than 4 character sets to work with, in this example it would probably be easy to include these unwanted attempts as it will not take much longer to go through them as well, but in other cases it will take ages more. Another example is a longer password, let's take this base password
ThisIsALongerPassword1111111111!
Valid candidates are
thisIsALongerpassword
11111155111!
Th1sIsALongerPassword55
11111111@
Th1sIs4LongerP4assword9285819204%
Th1isIsALongerP4ssw0rd0195828402&
If you try to accommodate this via a Mask attack, you simply cannot without using your workaround that will take a much longer time to crack.
Posts: 39
Threads: 1
Joined: Jan 2019
Yeah, I understand. Sometimes I wish myself a brutforce attack with the possibility to limit the how often the same character can be used per candidate. Let's say a Z only can used once in a candidate where as a e can be used max 3 times.
Like this ZZZZZZZZZ ZZZZZZZZa ZZZZeeeeZ can be avoided.
Posts: 867
Threads: 15
Joined: Sep 2017
well your attack is very, very specific and therefore quite to specific for what maskattack was made for
parsing such "complex" mask you are looking for, with more than 4 charsets and so on, would slowdown the generation of passwordcandidates more than actuall trying millions (of fast hashes) of "not perfect fitting candidates"
if you really want to achieve only real perfect password candidates you have to do some real "handmade preparations" before, also it seems more like a job for a combinator attack
you could first generate a basic style wordlist with maskprocessor (just with lower case letters), combine it with a second wordlist for your numbers and special chars or use at this point your wordlist + mask and leave any modifications to a handcrafted ruleset
for example with rules like
sa4 (replaces all lowercase a with 4)
T3 (toggles lower upper on index 3, starting with index 0)
of course you have to combinate most of thes rules, see hashcat utils for helping with these, i think some runs of combipow will do the job quite well