Posts: 2
Threads: 1
Joined: Jan 2024
01-08-2024, 08:32 PM
Hi guys, Ive been reading the forums a bunch the past week to make sure to not double post... I wasnt succesful in my search of my specific scenario but feel like it wont be rocket science either:
So Im stuck with a 10 digit WPA hash that has 2 digits and 8 uppercase letters at any given position. How would I define that specific scenario in hashcat so it doesnt try to use more than 8 letters or more than 2 digits?
My guess was:
-m 22000 -w 3 -a 3 XYZ.hc22000 -1 ?u ?d u?u?u?u?u?u?u?d?d
But this would imply "8 letters at the beginnint + 2 digits at the end"? But my password has 2 digits at a random place out of the 10. So how would I define that correctly?
Thanks for any kind of input, its greatly appreciated
Posts: 890
Threads: 15
Joined: Sep 2017
01-09-2024, 03:26 PM
(This post was last modified: 01-09-2024, 03:27 PM by Snoopy.)
i would use a maskfile for that, inside this maskfile you have to specify all possible shifting masks like that, each line is a new mask
?d?d?u?u?u?u?u?u?u?u
?d?u?d?u?u?u?u?u?u?u
?d?u?u?d?u?u?u?u?u?u
... until you reach
?d?u?u?u?u?u?u?u?u?d
then shift the first ?d and start again
?u?d?d?u?u?u?u?u?u?u
?u?d?u?d?u?u?u?u?u?u
you should end up with 45 lines/masks if i have done the math right
last mask should be
?u?u?u?u?u?u?u?u?d?d
feeding hashcat with this file like
-m 22000 -w 3 -a 3 XYZ.hc22000 maskfile
results in hashcat trying each mask one by one
Posts: 2
Threads: 1
Joined: Jan 2024
01-09-2024, 10:53 PM
(This post was last modified: 01-09-2024, 10:54 PM by KaliMan.)
Yea, I figured Id do it like that or generate all of the possible Combos with some AI/script and use that list. But either way you spin it theres too many combos possible, so might ditch it alltogether. Not sure..
Posts: 890
Threads: 15
Joined: Sep 2017
01-10-2024, 03:16 PM
(This post was last modified: 01-10-2024, 03:16 PM by Snoopy.)
well this is just plain math, thats all possible masks for your given password-style (8 chars + 2 digits, digit position unknown)
9+8+7+6+5+4+3+2+1 = 45 masks
there is no* other way than this
* it would be possible to use rules instead of plain masks, but this way you have to generate tons of rules for every combination of digits 00-99 for all posistions, and never the less, the keyspace would change
Posts: 119
Threads: 1
Joined: Apr 2022
(01-08-2024, 08:32 PM)KaliMan Wrote: Hi guys, Ive been reading the forums a bunch the past week to make sure to not double post... I wasnt succesful in my search of my specific scenario but feel like it wont be rocket science either:
So Im stuck with a 10 digit WPA hash that has 2 digits and 8 uppercase letters at any given position. How would I define that specific scenario in hashcat so it doesnt try to use more than 8 letters or more than 2 digits?
My guess was:
-m 22000 -w 3 -a 3 XYZ.hc22000 -1 ?u ?d u?u?u?u?u?u?u?d?d
But this would imply "8 letters at the beginnint + 2 digits at the end"? But my password has 2 digits at a random place out of the 10. So how would I define that correctly?
Thanks for any kind of input, its greatly appreciated
You are misunderstanding how this works.
Your command:
-m 22000 -w 3 -a 3 XYZ.hc22000 -1 ?u ?d u?u?u?u?u?u?u?d?d
To get what you want:
-m 22000 -w 3 -a 3 XYZ.hc22000 -1 ?u?d ?1?1?1?1?1?1?1?1?1?1
This will check each position for uppercase and digits.
If it also contains lowercase, you would use:
-m 22000 -w 3 -a 3 XYZ.hc22000 -1 ?l?u?d ?1?1?1?1?1?1?1?1?1?1
Posts: 890
Threads: 15
Joined: Sep 2017
Quote:
To get what you want:
-m 22000 -w 3 -a 3 XYZ.hc22000 -1 ?u?d ?1?1?1?1?1?1?1?1?1?1
This will check each position for uppercase and digits.
this way he would also check passwords like
AAAAAAAAAA
or
1111111111
which are not the given password style and therefore will dramatically increase the keyspace