mac adress mask
#1
Hello, the password is the poppy address. What is the best way to generate it?
First I used the mask? H? H-? H? H-? H? H-? H? H-? H? H-? H? H

Now I'm trying this -1? dABCDEF? 1? 1:? 1? 1:? 1? 1:? 1? 1:? 1? 1:? 1? 1 found on the forum. It's just that the file turns out to be very large, more than 500 GB and it's not complete. At my speed, it will take a year. Are there masks that will generate random poppy addresses, and not in order. Do you understand what I'm talking about? So that the generation starts randomly, and not from 00-00-00-00-00-aa

eg
Reply
#2
Another question. I did not seem to find this in the documentation. Is it possible that variants that did not fit online are removed from the dictionary. Instead of using --restore. Or is there no such function? Thank you
Reply
#3
We can only give good advice when you also mention the hash type that you are trying to crack.

There are basically worlds between cracking a fast hash and a very slow hash.

My guess is that you would better be off using a normal mask attack (maybe even use a hcmask file if you need to "filter" or run several more specific masks at once etc) instead of using a dictionary as you write above.

I/O (input / output, i.e. disk access) is always slow and therefore a dictionary attack for such a specific case wouldn't make much sense.

If you really need to generate the password candidates outside, you would be better off using a stdin/pipe attack (but again this will be normally slower than a mask/hcmask attack in most of the cases, depending on the hash type):
Code:
./my_fast_mac_generator_code | ./hashcat -m 0 -w 3 hash.txt -r my_rules.rule

in this case your own password generator that is already able to generate and filter wrong/invalid/non-sense mac addresses is named my_fast_mac_generator_code and this must be really, really fast.... furthermore you probably still need some amplification for hashcat with a rule file (I've called it "my_rules.rule" here) which does some swap rules or similar, just to give hashcat much more to do (multiplier/amplificator).

Again, this is something that depends on your situation and mostly on the hash type/algorithm... it could also be that it's not worth it to filter the few candidates that could be wrong (i.e. if just 1 in 100,000 candidates are an "invalid" mac address but the hash type is already a very fast one like MD5 or similar... in this case we could really argue that it's negligible to do any slow/strange filtering of invalid mac addresses, because the speed cost is greater than the benefit from reducing the keyspace/password candidates).

I guess you already got the idea: avoid I/O and try to understand which attacks is faster and depending on the points mentioned above see if filtering even makes sense or if you would be better off not doing any strange check of valid or useless mac addresses.
Reply
#4
dash core wallet.dat - m 11300
I do not know if this mod is suitable for vallet dash dasha. And did I get the password hash from the date vallet correctly? I got it with this service https://hashes.com/ru/johntheripper/bitcoin2john
Reply
#5
Could you help me compose a request or at least a rule so that random poppy addresses are generated, and not in order, so that I have a better chance of opening my wallet. I have 2 dasha there. I changed the password to the poppy address and without having time to save it, my light went out. Help me make the correct request, please, I will thank you if successful
Reply
#6
-m 11300 is a quite slow hash algorithm .

Please make sure if such things are even feasible. do the math ! how many combinations exists and how fast is your hardware ?

To me this sounds like a very large keyspace. 16 ^ 12 ? combined with the slow bitcoin hashing algo, it's not easy to crack for a normal setup within a reasonable amount of time.

Did you even try to create a test wallet with a similar password and see if it works (is your test wallet crackable with that method ) ? don't you have any backup before the password change ?
Reply
#7
yes you are right it is almost impossible at the moment)
Reply