05-26-2021, 11:16 AM
(05-18-2021, 11:26 AM)philsmd Wrote: Again the best method would probably be to use rule-based attacks, see https://hashcat.net/wiki/doku.php?id=rule_based_attack
you could even create your own dictionary file with several permutations of the base password and run it through some standard rule files (if you really don't want to mess around with creating your own rule file).
hash.txt is the hash file that holds 1 hash line that follows the format mentioned in https://hashcat.net/wiki/doku.php?id=example_hashes (for 15700).Code:hashcat -m 15700 -a 0 -w 3 -r rules/best64.rule hash.txt dict.txt
dict.txt is a file that you created with notepad or similar that holds a few thousands of possible password candidates that you think are likely the correct one (original and a little bit mangled base words, 1 password on each line).
The problem with the mask attack is that you do not know the exact length and furthermore the passwords just seem to be shifted and slightly modified (exactly something that you normally use the rule attack for).
If you really would attack a very fast hash, you could of course combine every char that you think could be used into a new charset, but again this type of attack is not clever/fast for a very slow algo like scrypt-based ethereum wallets (-m 15700).
For -m 0 (MD5) you could use something like this:
Code:hashcat -m 0 -a 3 -w 4 -1 "#23AEHNOPRSTWaehnoprstw" --increment --increment-min 5 --increment-max 15 hash.txt ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1
but note: that even in this case hashcat will need to increase the password length all the time (and the keyspace gets huger and huger with increasing length) and you won't see the total estimated run time at the start (only the current run time for that specific length, you can modify --increment-min / --increment-max to specify the min/max length... the mask length itself must always be the same length or longer than --increment-max).
This would be quite a strange approach to try all the password candidates and as already set is not recommended at all (and even less clever for slow hash algorithms), but I think you get the idea on how to combine each and every char at each and every position (if you don't know where the chars could be etc)
Thanks a lot philsmd for your detailed explanation. I took a look at the possible rules but I found no rule for the instruction to test lowercase and uppercase letters. Is there one? So I could write ...
Quote:WEATHER
weather
... into the dictionary file and hashcat will create all possible password candidates like:
Weather
wEAther
weaTHER
(and so on)
?
Is there a specific rule for that?