Posts: 52
Threads: 15
Joined: Oct 2017
אבגדהוזחטיכלמנסעפצקרשת1234567890!@#,?1?1?1
It seems like I managed to make a mask, I created an md5 password for the test with 3 characters דהו, but no matter what encoding I convert to, only UTF 8 finds the password, but not as 3 characters, but as 6.
tell me how to solve? after all, if the password is 8 characters, then there is no way I can guess a password of 16 characters using the mask, there is not enough power
Posts: 825
Threads: 15
Joined: Sep 2017
(04-24-2024, 12:13 PM)svobodnui11 Wrote: אבגדהוזחטיכלמנסעפצקרשת1234567890!@#,?1?1?1
It seems like I managed to make a mask, I created an md5 password for the test with 3 characters דהו, but no matter what encoding I convert to, only UTF 8 finds the password, but not as 3 characters, but as 6.
tell me how to solve? after all, if the password is 8 characters, then there is no way I can guess a password of 16 characters using the mask, there is not enough power
this is a common misunderstanding when it comes to utf-8 or any other multibyte charset
hashcat works on bytesized objects, so any of your utf-8 chars like א is in fact 2-bytes long, thats why hashcat needs more "characters" to find that char, UTF-8 א is in hex representation D7 90, so 2 bytes, 3 human chars = 6 "hahscat-chars"
codepage for hebrew is 862 BUT you have to be sure that, the passwort or hashingtask was done/encoded with this specific codepage BUT in as you see in your own example, standard encoding on pc's is UTF-8
so bruteforcing multibyte chars yeah is quite not really "nice" task
Posts: 52
Threads: 15
Joined: Oct 2017
it turns out that if I set the mask to all the characters, then the hashcat should match in any language or I did not understand you correctly, I mean the encoding
for example - pass > אב
?a?a?a?a must find
Posts: 160
Threads: 5
Joined: Mar 2018
This issue has already been documented on this forum or on other blogposts. Do some research, and you'll be fine.
Let's take your example "דהו"
As Snoopy stated, the hebrew characters are multibyte, you'll need to look-up the hex values of each character. This is a good page to start:
https://www.utf8-chartable.de/unicode-ut...start=1280
You can double-check with xxd
Code:
echo -n דהו | xxd
00000000: d793 d794 d795
You'll see that the Hebrew letters have the following representation: "D7 9x" and "D7 Ax".
Now, make a custom charset of it; since it always starts with D7 (base code), we can use two custom charsets
Do not forget to use the --hex-charset in your command.
Code:
hashcat -m 0 386dad60a3d478a96af4691d45037661 --hex-charset -a3 -1 d7 -2 909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf ?1?2?1?2?1?2
Posts: 825
Threads: 15
Joined: Sep 2017
(04-27-2024, 01:13 PM)svobodnui11 Wrote: it turns out that if I set the mask to all the characters, then the hashcat should match in any language or I did not understand you correctly, I mean the encoding
for example - pass > אב
?a?a?a?a must find
in fact no.
take a look at the HEX representation of the ASCII-Table
https://www.asciitable.com/, as you can see there is no CHAR/SIGN in ASCII representing in D7 (the starting point in UTF-8 for most(all?, didnt checked) hebrew letters
so there will never be a combination of your desired HEX-Values when using ?a?a?a?a, you could use ?b?b?b?b instead, but this will test all possible HEX-values, this is the point
take a look
https://www.utf8-chartable.de/unicode-utf8-table.pl from U+0590 (hebrew), there you cans see the hex representation of the chars, plain chars (no accents or similar) all starts with D7, so take a look at Banaanhangwagen's answer
