hascat plaintext mode (99999) with weakpass_3w list
#1
Hi, I'm trying to use hashcat in plaintext mode (-m 99999) to find a match to a word in the wordlist weakpass_3w (https://weakpass.com/wordlist/1950).

Code:
hashcat -m 99999 password123 my_wordlists\weakpass_3w.7z

but it seems like the word cannot be found in the list. I alsotried the same command with --hex-wordlist. Even if I try with other words that should be in the list according to weakpass website I get no match.

If I repeat the same for the rockyou.text wordlist I find a match to password123 without any problem.

Am I doing something wrong? Does it have to do with the format of weakpass_3w?
Reply
#2
General diagnostic step: test a simpler case - a single word, with a single word in an uncompressed wordlist. Then try compressing the wordlist and see if it still works.
~
Reply
#3
Thank you Royce. I did a bit more testing, I picked a word from the list (just printed the head to terminal, and picked "00000GIULIA" for testing) and found the following:
  • using the "weakpass_3w.7z" wordlist I get a keyspace of  7686592 and hashacat takes 6 second to get exhausted. If I check the candidates than I see them in the form. $HEX[0e21290cb487a80c321aa0b69686c0361f05a44bbc7bcbdee7]
  • using the uncompressed "weakpass_3w" I get a keyspace of 1134583776 and the candidates look like plain text and password it gets cracked.

Shall I always extract the files from the archive? I've noticed that hashcat can also be fed with .gz compressed wordlists and works fine.
Reply
#4
(06-12-2022, 09:37 AM)albekkjj Wrote: Thank you Royce. I did a bit more testing, I picked a word from the list (just printed the head to terminal, and picked "00000GIULIA" for testing) and found the following:
  • using the "weakpass_3w.7z" wordlist I get a keyspace of  7686592 and hashacat takes 6 second to get exhausted. If I check the candidates than I see them in the form. $HEX[0e21290cb487a80c321aa0b69686c0361f05a44bbc7bcbdee7]
  • using the uncompressed "weakpass_3w" I get a keyspace of 1134583776 and the candidates look like plain text and password it gets cracked.

Shall I always extract the files from the archive? I've noticed that hashcat can also be fed with .gz compressed wordlists and works fine.

There's your problem: hashcat only supports .gz and .zip for compressed wordlists. When you give it a .7z file, it's using the compressed binary data as your wordlist (which is suboptimal Wink
Reply