how to work with complex passwords?
#1
Wordpress hashes are slow and hard to crack, how would you for example crack a password with special characters and possibly 12 chars? 
masking would not be easy since we don't know if the first char is a special character, the keyspace is too big to handle so i tried wordlists, combo variations and hybrid attacks with no luck. 
Also tried 2 online paid services and got no luck.
Are these a lost cause for now due to their complexity or are there other solutions out there? 
thanks in advance
Reply
#2
Well hashcracking is never guaranteed (even more so when you are attacking a single hash), if it's full random and 12 chars you are just not going to crack it.
Though if it's user generated, you may have some luck with appropriate wordlists and rules (it helps knowing things about the user/password to craft rules dedicated to crack that specific hash).
Reply
#3
you could minimize the keyspace for "normal passwords"

there are some good lists and/or statistics for real passwords in the wild like if pw contains digits then "mostly" at the end like pass+birtday or year -> "pass1981"

but like Xanadrel says, cracking a single hash is yeah like gambling
Reply
#4
Yes Snoopy i think that these hashes are not worth my time, probably they are even bigger than 14 chars, i already ran them against +- 120Gb of wordlists and even using rules, lost days so, moving on. thanks for the help
Reply