How to predefine the mask?
#1
Hi,
I'm looking for a ten character password. For each position in the password I have a set of characters, that is:
password character position: [0][1][2][3][4][5][6][7][8][9],
character sets for each position:
[0] = [2,4,f,e,W,#]
[1] = [?,F,J,5,S,g,w,!,@,$,s,]
[2] = [h,s,5,2,i,a,8,1,2,W,eD,Y,r]
...and so on, not one set is similar to another and does not logically intersect in any way
[9] = [8,d,2,r,f,W,h,5,~]

How can I set a mask for this type of work?
Reply
#2
Hashcat does have the ability to use custom charsets but currently only supports 4 custom charsets. There have been forks of Hashcat that raise it to 9 but it's not official code and you'd have to compile it yourself:
https://github.com/flaggx1/hashcat/tree/...m_charsets

For more info, check the "Custom Charsets" section of:
https://hashcat.net/wiki/doku.php?id=mask_attack
Reply
#3
Hashcat only supports 4 custom charsets, so there is no easy possibility for building that mask

depending on the over all input, i would try generating 2 wordlist from your given input using combinator from hashcat utils

prepare one textfile for each position, then use combinator
0 + 1 > 01
01 + 2 > 012
check for output filesize but this should be feasable, do this up to position 4 and generate the second wordlist 5-9
then use hashcat with both wordlist in combinator attack mode
Reply
#4
penguinkeeper, Snoopy,
thanks for your replies!
I'll try this
Reply
#5
(05-30-2024, 11:57 AM)tao Wrote: Hi,
I'm looking for a ten character password. For each position in the password I have a set of characters, that is:
password character position: [0][1][2][3][4][5][6][7][8][9],
character sets for each position:
[0] = [2,4,f,e,W,#]
[1] = [?,F,J,5,S,g,w,!,@,$,s,]
[2] = [h,s,5,2,i,a,8,1,2,W,eD,Y,r]
...and so on, not one set is similar to another and does not logically intersect in any way
[9] = [8,d,2,r,f,W,h,5,~]

How can I set a mask for this type of work?



1. make the 10 charactersets, for example

    ['2', '4', 'f', 'e', 'W', '#', '7']       # [0]
    ['?', 'F', 'J', '5', 'S', 'g', 'w'],        # [1]
    ['h', 's', '5', '2', 'i', 'a', '8'],          # [2]
    ['!', '@', '$', 's', 'D', 'Q', 'z'],        # [3]
    ['X', 'Y', 'r', 'k', 'm', 'n', 'p'],         # [4]
    ['A', 'B', 'C', 'd', 'E', 'f', 'G'],          # [5]
    ['u', 'v', 'w', 'x', 'y', 'z', 'H'],          # [6]
    ['1', '3', '4', '6', '9', '0', 'b'],           # [7]
    ['L', 'M', 'N', 'O', 'P', 'R', 'T'],           # [8]
    ['8', 'd', '2', 'r', 'f', 'W', 'h']              # [9]

Each has 7 characters.

Next, combine them in a wordlist to create all possible combinations. approx 250.000.000 words, simple. Next, check your wordlist against the hash.

If you want to change the charsets, and believe you have to change it many more times, you will very very simply generate for example 1000 different charsets. Not only that, but you will make python output these charsets as hashcat custom rules.

Next, lets say you want to check with 1000 different character sets, simply tell python to write the rule for you, each on a new line. each rule says "change position x to x". then run it as directory with custom rules attack.

Anyways, to be honest - this kind of attack is not a good one. To waste your time, yes, its perfect. Unless you have specific known characteristics on placements of the password, this method is just the same as random luck, and ?a?a?a?a?a?a?a?a?a?a is simply the same..
Reply