complicated mask_attack or brute force?
#1
Lightbulb 
I am trying to figure out the appropriate mask for a 12 digit numeric password where one of the 12 digits is randomly assigned an upper case letter character instead of a number.

Example 12345A678901    or 401B23456598

The letter can appear anywhere in the password and there is only ever one letter

I feel like there has got to be a way to use a mask or an approach that requires less possible combinations than a straight brute force attack. Where I am lost is setting it up so that only one digit is ever treated as a letter character.

Any help would be greatly appreciated.

Thanks,
Reply
#2
You could run a script that contains 12 different attacks.
-a 3 ?d?d?d?d?d?d?d?d?d?d?d?u
-a 3 ?d?d?d?d?d?d?d?d?d?d?u?d
-a 3 ?d?d?d?d?d?d?d?d?d?u?d?d
-a 3 ?d?d?d?d?d?d?d?d?u?d?d?d

etc
eventually you'll hit the right position. Could re-sort the attacks to go middle out, if you think the odds of finding the upper case letter are in the middle rather than the extremes
Reply
#3
or split, prepare a dict with 6 positions numbers from 000000 to 999999 use this dict twice in combinator attack and combine this with a rule file where you also add all rules possible

Overwrite @ N oNX Overwrite character at position N* with X
* Indicates that N starts at 0. For character positions other than 0-9 use A-Z (A=10)

starting with
o0A
o1A
...
oBA
oCA
...
..
oCZ (last)

do this for all Chars from A-Z (there is a thread where you can use maskprocessor oder hahscat to do this for you, im in a hurry, so i cant give you the link)

rules are amplifiers so it should be faster than the pure bruteforce aproach (will test it tomorrow and give you some data on this)
Reply
#4
Thanks Snoopy. I am not advanced enough to figure out what this would look like as a hashcat argument. Would you be able to point me in the right direction?
Reply