Hi,
I want your opinion on what I might be doing wrong.
So I have only a part of a password, let's call it "qwer_4tyo".
This half of the password is lowercase and is only a hint as the final password might actually have one or more uppercase letters (e.g. qwEr_4tyO ), so this calls for a toggle attack first and then an extension through a mask attack.
What I did first is I ran hashcat with this command to create a small dictionary with all uppercase variations:
Then once I have this dictionary, I ran a hybrid attack, with a mask of 6 ?a appended.
But I run into two issues:
Is there a more elegant way for me to figure out the other half of the password? So keep in mind that I need to run a toggle-case attack first with an extension of up to 5 or 6 other characters (upper,lower,digit and special). Any ideas?
Thanks
I want your opinion on what I might be doing wrong.
So I have only a part of a password, let's call it "qwer_4tyo".
This half of the password is lowercase and is only a hint as the final password might actually have one or more uppercase letters (e.g. qwEr_4tyO ), so this calls for a toggle attack first and then an extension through a mask attack.
What I did first is I ran hashcat with this command to create a small dictionary with all uppercase variations:
Code:
echo "qwer_4tyo" | hashcat --stdout -r /path/to/hashcat/rules/toggles5.rule > base_wordlist.txt
Then once I have this dictionary, I ran a hybrid attack, with a mask of 6 ?a appended.
Code:
hashcat -m 120 -a 6 -O --increment --increment-min=1 --increment-max=6 salted_hash.txt dictionaries\ar.txt ?a?a?a?a?a?a
But I run into two issues:
- Once the mask gets to 5 ?a, I get a "Integer overflow detected in keyspace of mask: ?a?a?a?a?a" error.
- When I check the [s]tatus while hashcat is running, it seems that hashcat is using only the first and last word from the dictionary I created, so "Qwer_4tyo" on the left side and "qwer_4tyO" on the right, but it never shows on screen any of the other candidates (for example, qWeR_4tYo). Is this a visual bug, or am I doing something wrong that it isn't running through all supposed variations in the supplied dictionary?
Is there a more elegant way for me to figure out the other half of the password? So keep in mind that I need to run a toggle-case attack first with an extension of up to 5 or 6 other characters (upper,lower,digit and special). Any ideas?
Thanks