Wordlist+Wordlist+Mask
#1
This question has probably been asked before, but I could find what I was looking for.

I have a wordlist with 500K words.  I would like to create a combination of Wordlist+Wordlist+?d?d?d to crack 22000 hashes.

What is the most efficient way to accomplish this?
Reply
#2
You'll want to use --stdout to output your first 2 wordlist and then pipe a new instance with a mask attack

Code:
hashcat -a 1 -m 0 --stdout  example.dict example.dict


then create your mask attack. see this forum post, very similar concept
https://hashcat.net/forum/thread-11120-p...l#pid57357
Reply
#3
Performance wise, is it faster to have a hybrid attack of WORDLIST?d?d?d? or just a straight dictionary attack?

I assume the straight dictionary attack, but I would like to verify that.
Reply
#4
hybrid should be faster (depending on mask and masklength) due to the fact, that hashcat uses 2 loops for that and the modloop/maskloop is executed directly on the gpu working as amplifier for each given word

for more details see

https://hashcat.net/wiki/doku.php?id=fre...full_speed
Reply
#5
Curiosity was eating at me, so I ran some test. @Snoopy, you are correct. For anyone interested here is the results of my little experiment.

GPU Hardware: NVidia 3090 & NVidia 2060 Super
Dictionary File: 5.9 Million lines
Dictionary File with 3 digits added to each line (100-999): 3.2 Billion lines
Capture file with (2) 22000 hashes

I purposely chose a hash that would not be cracked, so that all candidates would be tried.

hashcat -a6 -m22000 -1 123456789 capture.22000 dict-nonumbers ?1?d?d -w3
Total time = 41 minutes

hashcat -a0 -m22000 capture.22000 dict-withnumbers -w3
Total time = 52 minutes

A 21% performance difference is substantial. I assumed wrong Smile
Reply