Huge wordlists with false positives passwords (7z)
#1
Hi.
I have a question about the calculations made when checking 7Z passwords. This is basically a question about parallelization of calculations, in what order they are completed.
From a large list, simplifying 1000 passwords, HashCat takes 25% (200 passwords), among which, in position 50 there is a real password, and on positions 100 and 150 there are false positive passwords. Is a situation possible in which fake password from position 100 is indicated as the first, and hashcat exits with code 0? Basically, I mean whether after finding the first false positive password (100) can I safely remove positions 1-100 from the list and start a new scan from 101 to 1000, being sure that all calculations on positions 1-99 have been fully completed.
Reply
#2
(06-01-2023, 04:56 PM)arduan77 Wrote: Hi.
I have a question about the calculations made when checking 7Z passwords. This is basically a question about parallelization of calculations, in what order they are completed.
From a large list, simplifying 1000 passwords, HashCat takes 25% (200 passwords), among which, in position 50 there is a real password, and on positions 100 and 150 there are false positive passwords. Is a situation possible in which fake password from position 100 is indicated as the first, and hashcat exits with code 0? Basically, I mean whether after finding the first false positive password (100) can I safely remove positions 1-100 from the list and start a new scan from 101 to 1000, being sure that all calculations on positions 1-99 have been fully completed.

Not be removing them from the wordlist, as hashcat uses markov, meaning it takes the word in an order with the most likely first (there's a longer explanation for this) but using the -s or --skip you should be able to do it. See also hashcat --help.
Reply
#3
Thank you for your answer, but I have to ask. I understand that Markov Chain is used not only to create new passwords by HashCat, but also to check passwords from an external generated password list. I use my own list created by an external generator. After finding a false positive password, I remove the position from 0-false password, and return to check rest of the list, but I'm afraid that the calculations of the found password (false positive) could be completed earlier than the calculations of 0 to found password-1. So I remove non checked passwords.
Reply
#4
(06-02-2023, 11:50 AM)arduan77 Wrote: Thank you for your answer, but I have to ask. I understand that Markov Chain is used not only to create new passwords by HashCat, but also to check passwords from an external generated password list. I use my own list created by an external generator. After finding a false positive password, I remove the position from 0-false password, and return to check rest of the list, but I'm afraid that the calculations of the found password (false positive) could be completed earlier than the calculations of 0 to found password-1. So I remove non checked passwords.

Markov Chain has nothing to do with password creation. It has to do with the order the given candidates are tried. Hence my former answer.
Reply