custom wordlist & hmask
#1
hash (SSHA format like: {SSHA}4EBG6UG97gnFknr9A0CRqEQBQdFnQ1JlYTdsTg==)
mask.hcmask (content)
?d?d
?d?d?d
?d?d?d?d
?d?d?d?d?d
?d?d?l?l?d
wlist.txt (content)
Serverless
Innocu
GRANdeur
trackinG
Hotel
moTel

hashcat (command)
hashcat -m 111 hash -a 3 --force --stdout mask.hcmask wlist.txt

The stdout at run time shows:
91135507
44235507
56235507
...etc

Actually, according to the command options every single hashcat attempt should be something like:
Serverless91135507
...etc
In a nutshell every line of wlist.txt should be combined with an hmask entry
Is that possible? I mean I'd like to use a custom wordlist where to every single entry should be appended an hmask attempt
what's wrong with what I'm doing?
thanks in advance
Reply
#2
first, NEVER EVER USE --force (this can lead to wrong hashcomputing and thus wrong passes -> total garbage)

for the rest:
attack mode 3 is plain bruteforce, so your wlist.txt is skipped without warning
you are looking for https://hashcat.net/wiki/doku.php?id=hybrid_attack
attack mode 6 and be aware of the right order for the options in attack mode 6 -> dict then mask/maskfile

last:
when using --stdout yout dont need to provide an hash just try
hashcat -a6 --stdout wlist.txt mask.hcmask
Reply
#3
serverless116 but stop posting hashes here.
Reply
#4
(06-14-2023, 09:45 PM)aikiuslik Wrote: serverless116 but stop posting hashes here.
that was just a test...anyway I'll stick to it thanks
Reply
#5
(06-14-2023, 06:50 PM)Snoopy Wrote: first, NEVER EVER USE --force (this can lead to wrong hashcomputing and thus wrong passes -> total garbage)

for the rest:
attack mode 3 is plain bruteforce, so your wlist.txt is skipped without warning
you are looking for https://hashcat.net/wiki/doku.php?id=hybrid_attack
attack mode 6 and be aware of the right order for the options in attack mode 6 -> dict then mask/maskfile

last:
when using --stdout yout dont need to provide an hash just try
hashcat -a6 --stdout wlist.txt mask.hcmask

many thanks
it works like a charm
a few questions:
if using --stdout specifying the hash name is somewhat useless...right?
-a6 can that option be applied to any type of hash? in this case it was SSHA (salt+passwd)..I mean ..earlier my comamnd was -m 111 because that was the
right flag for that type of hash
Reply
#6
Every attack mode can applied to every hashtype.

--stdout just for showing what kind of passwords will be generated, no need for a hash or attackmode
Reply