Semi-Known Ethereum Password (-m 15700)
#1
Hello all,
I am new here and new to Hashcat. I was wondering if someone could help me figure out which rule set would be best for my given situation; I am trying to help a friend recover his keystore password, which is semi-known. He believes it's - StrangeTripLong1965, but doesn't remember if and where he added special characters or what letters are upper case (max 3). I already tried running HASHCAT -m 15700 -a 0 --scrypt-tmto 4 -w 1 -D 2,3 -n 1 --force hashcode.txt password.txt -w3 -r rules\dive.rule and HASHCAT -m 15700 -a 0 --scrypt-tmto 1 -w 1 hashcode.txt password.txt -w3 -r rules\dive.rule with no luck. My whole question is, if the password is semi-known between 16 and 19 characters, shouldn't I be running a Mask like this - ?u?l?l?l?l?l?l?u?l?l?l?u?d?d?d?d?s
Any help with the scripts I'm using or helping me understand better ones given the scenario would be greatly appreciated.
#2
I'll preface this with two things:
1 - I know very little about cracking wallet hashes
2 - dive.rule was intended for use on fast hashes like md5, lm, ntlm, etc

That said, I don't think you're going to have much luck with this strategy, as your proposed mask has 90 quintillion possibilities in it. If you use a small wordlist with dive.rule, it will apply about 90 thousand permutations to every word you feed through it. On a hash this slow (< 1H/s on my GTX1660), I don't see how that'll ever complete in a useful amount of time.
#3
Well, thank you for your honesty and not leading me down a rabbit hole. I figured the Mask attack would take years but was hoping for a different answer.
Hopefully a cracking wizard can help me out on this.
#4
most of the hash crackers would of course not recommend to give up completely from the very start.... many of us were already able to crack hashes that most others would claim that they are "impossible" to crack.... (that doesn't mean that I or anybody here specifically will be able to crack this hash for you, or will even attempt to do so... no don't try to PM me for this hash etc... try to learn about hashcat and hash cracking yourself... this is not how the forum works, we don't crack hashes for you).

you might just need to change your strategy and try to remember as much as possible from the password... create your own dict file with many possible password candidates (very likely passwords) and mangle them with rules (rules shipped with hashcat and, if not working, also trying to create your own rule file).

yeah, it's not an easy algorithm... but if you remember a lot about the password, you just need to change your strategy from "I will BRUTE this with ALL THE hardware on this planet" (this is not what you specifically said, but this is how many users think it works) to "i will try to learn as much as possible about hash cracking/hashcat and make very clever and feasible password recovery attempts".

good luck
#5
Thank you very much. Currently, I'm trying to execute that plan with password-stretcher in Python 3. Once I have my master wordlist, I'll start cracking with different rule sets.
If all else fails, I'll be reposting in the forums for further guidance.
#6
that sounds like a plan (except that I have no clue whether password-stretcher could do anything good for you), I would rather make my own word list manually or with my own little perl/python/php script dedicated for that specific attack

also make sure to never use --force

and for -m 15700 you really should try to use your CPUs with -D 1 (no not the lowercase -d one, -D 1 means only use CPU instead). -D 1 and CPU cracking is important for scrypt algorithms, except if you know for sure that your GPU rig is much faster because you have for instance 8+ GPUs but only a slow CPU.... but CPU cracking for scrypt is recommended!
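An added example, not written by any poster in the thread: a small dedicated script of the kind post #6 suggests, enumerating only candidates consistent with what the owner remembers (the words and year from post #1, at most three uppercase letters, at most one special character at a word boundary). The special-character set, the insertion positions, the output filename and the 1 H/s rate used for the estimate are assumptions.

```python
from itertools import combinations

# Constructed inputs based on the thread; SPECIALS and the insertion
# positions are assumptions, adjust them to what the owner remembers.
WORDS = ["strange", "trip", "long"]
DIGITS = "1965"
SPECIALS = "!@#$%&*?"
MAX_UPPER = 3


def case_variants(text, max_upper=MAX_UPPER):
    """Yield text with every choice of 0..max_upper letters uppercased."""
    letters = [i for i, c in enumerate(text) if c.isalpha()]
    for k in range(max_upper + 1):
        for picked in combinations(letters, k):
            chars = list(text)
            for i in picked:
                chars[i] = chars[i].upper()
            yield "".join(chars)


def boundaries(words=WORDS, digits=DIGITS):
    """Offsets where a special is most plausible: start, word joins, end."""
    offsets, pos = [0], 0
    for part in words + [digits]:
        pos += len(part)
        offsets.append(pos)
    return offsets


def candidates(specials=SPECIALS):
    """Yield each case variant bare, then with one special at each boundary."""
    base = "".join(WORDS) + DIGITS
    for variant in case_variants(base):
        yield variant
        for pos in boundaries():
            for s in specials:
                yield variant[:pos] + s + variant[pos:]


def eta_hours(count, hashes_per_second):
    """Worst-case time to test `count` candidates at the given rate."""
    return count / hashes_per_second / 3600


if __name__ == "__main__":
    with open("candidates.txt", "w") as out:  # hypothetical output file
        total = sum(out.write(c + "\n") > 0 for c in candidates())
    print(total, "candidates, about", round(eta_hours(total, 1.0), 1), "hours at 1 H/s")
```

Under these assumptions the list holds 23,616 candidates, which is a few hours of work even at about 1 H/s, compared with the 90 quintillion combinations of the mask discussed in post #2.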