hashcat Forum Support hashcat v
hascat plaintext mode (99999) with weakpass_3w list

Threaded Mode
hascat plaintext mode (99999) with weakpass_3w list
albekkjj Offline
Junior Member
**
Posts: 2
Threads: 1
Joined: Jun 2022
#1
06-12-2022, 12:02 AM (This post was last modified: 06-12-2022, 12:04 AM by albekkjj.)
Hi, I'm trying to use hashcat in plaintext mode (-m 99999) to find a match to a word in the wordlist weakpass_3w (https://weakpass.com/wordlist/1950).

Code:
hashcat -m 99999 password123 my_wordlists\weakpass_3w.7z

but it seems like the word cannot be found in the list. I alsotried the same command with --hex-wordlist. Even if I try with other words that should be in the list according to weakpass website I get no match.

If I repeat the same for the rockyou.text wordlist I find a match to password123 without any problem.

Am I doing something wrong? Does it have to do with the format of weakpass_3w?
Find
Reply
royce Offline
Moderator à la mode
******
Posts: 929
Threads: 4
Joined: Jan 2015
#2
06-12-2022, 12:50 AM
General diagnostic step: test a simpler case - a single word, with a single word in an uncompressed wordlist. Then try compressing the wordlist and see if it still works.
~
Find
Reply
albekkjj Offline
Junior Member
**
Posts: 2
Threads: 1
Joined: Jun 2022
#3
06-12-2022, 09:37 AM
Thank you Royce. I did a bit more testing, I picked a word from the list (just printed the head to terminal, and picked "00000GIULIA" for testing) and found the following:
  • using the "weakpass_3w.7z" wordlist I get a keyspace of  7686592 and hashacat takes 6 second to get exhausted. If I check the candidates than I see them in the form. $HEX[0e21290cb487a80c321aa0b69686c0361f05a44bbc7bcbdee7]
  • using the uncompressed "weakpass_3w" I get a keyspace of 1134583776 and the candidates look like plain text and password it gets cracked.

Shall I always extract the files from the archive? I've noticed that hashcat can also be fed with .gz compressed wordlists and works fine.
Find
Reply
pdo Offline
Member
***
Posts: 63
Threads: 1
Joined: Mar 2017
#4
06-12-2022, 02:32 PM
(06-12-2022, 09:37 AM)albekkjj Wrote: Thank you Royce. I did a bit more testing, I picked a word from the list (just printed the head to terminal, and picked "00000GIULIA" for testing) and found the following:
  • using the "weakpass_3w.7z" wordlist I get a keyspace of  7686592 and hashacat takes 6 second to get exhausted. If I check the candidates than I see them in the form. $HEX[0e21290cb487a80c321aa0b69686c0361f05a44bbc7bcbdee7]
  • using the uncompressed "weakpass_3w" I get a keyspace of 1134583776 and the candidates look like plain text and password it gets cracked.

Shall I always extract the files from the archive? I've noticed that hashcat can also be fed with .gz compressed wordlists and works fine.

There's your problem: hashcat only supports .gz and .zip for compressed wordlists. When you give it a .7z file, it's using the compressed binary data as your wordlist (which is suboptimal Wink
Find
Reply