Posts: 2
Threads: 1
Joined: Oct 2023
Hello,
I have not been able to find any information to solve my mask idea.
I'm cracking a keepass hash. Doing 8 character mask is taking days so I'm trying to keep the charset small. I have a few symbols that I tend to favor in my passwords, such as !#$* So I defined a charset.hcchr file with
?l?u?d!#$*
hashcat --custom-charset1=charset.hcchr -a 3 --increment -m 13400 -o cracked_output.txt --outfile-format 2 keepass.hash ?1?1?1?1?1?1?1?1?1?1
If this fails I want to expand the special characters to include %&(). How do I re-run the mask, but eliminate candidates without the new symbols?
Posts: 385
Threads: 1
Joined: Aug 2020
10-14-2023, 10:20 AM
(This post was last modified: 10-15-2023, 09:58 PM by royce.
Edit Reason: context
)
[Moderator note: Bad and incorrect answer - and clearly AI/LLM generated, which is against forum rules.]
To re-run the mask and eliminate candidates without the new symbols, you can use the following steps:
Create a new charset file with the expanded special characters:
?l?u?d!#$%*&()
Save this file as charset2.hcchr.
Run the following command:
hashcat --custom-charset1=charset2.hcchr --custom-charset2=charset.hcchr -a 3 --increment -m 13400 -o cracked_output.txt --outfile-format 2 keepass.hash ?1?1?1?1?1?1?1?1?1?1
This command will use the new charset file to eliminate candidates without the new symbols.
You can also use the -r option to specify a regular expression to match the passwords. For example, the following command will match passwords that contain at least one special character:
hashcat --custom-charset1=charset2.hcchr --custom-charset2=charset.hcchr -a 3 --increment -m 13400 -r "!#$%*&()" -o cracked_output.txt --outfile-format 2 keepass.hash ?1?1?1?1?1?1?1?1?1?1
This can be helpful to reduce the number of candidates that Hashcat needs to try.
Please note that cracking Keepass hashes can be very difficult, and it may take a long time to find the original password, even with a small charset.
Posts: 2
Threads: 1
Joined: Oct 2023
I tried your methods and they didn't seem to work. the ?1 refers to the expanded hcchr file, and the ?2 never comes into play to eliminate candidates.
The -r doesn't work with attack mode -a 3. I tried generating an output and piping that into an -a 0 attack and using rules \X, but that only works with legacy hashcat. I also tried -j and -k which also didn't work.
I also noticed that my original .hcchr file of ?l?u?d!@#$ does not work the way I thought. You can't combine default charsets with custom in one file.
I figured a way to solve my original problem, maybe not in the most efficient way...
mp64.bin ?a?a?a | grep -v '[!@#$%^&*()_+-=;:"<>,."]' | hashcat -a 0 -m 13400 keepass.hash
Once that's exhausted, I add a symbol by removing it from the filter and again filter only on candidates with that symbol. So, adding @ to the set give us this command
mp64.bin ?a?a?a | grep -v '[!#$%^&*()_+-=;:"<>,."]' | grep '@' | hashcat -a 0 -m 13400 keepass.hash
The speed is pretty similar so I don't think grep is a bottleneck in this situation.
Posts: 930
Threads: 4
Joined: Jan 2015
The reply above was AI generated and incorrect - disregard.
~
Posts: 1
Threads: 0
Joined: Nov 2023
(10-15-2023, 10:01 PM)royce Wrote: The reply above was AI generated and incorrect - disregard.
how do i make it so no charsets are being used on a burte force attack? i noticed that every time i do the command hackcat.exe -m 100 -a 3 -o cracked.txt hash.txt
it already has a couple charsets included that it is running by default
my question is, one if the password is pAssword with a uppercase as second digit will that ever be cracked bc the system is only looking for a uppercase in the first character? Two how do i run hashcat with no carsets so it literaly guess every single possiblity.
thanks
Posts: 930
Threads: 4
Joined: Jan 2015
(11-02-2023, 06:28 PM)pleasehelp Wrote: how do i make it so no charsets are being used on a burte force attack? i noticed that every time i do the command hackcat.exe -m 100 -a 3 -o cracked.txt hash.txt
it already has a couple charsets included that it is running by default
my question is, one if the password is pAssword with a uppercase as second digit will that ever be cracked bc the system is only looking for a uppercase in the first character? Two how do i run hashcat with no carsets so it literaly guess every single possiblity.
thanks
Please do not hijack existing threads with a different topic. Your question is fine, but should be its own new thread. Please create a new thread, and then delete your reply above.
~