Some questions on charsets
#1
I don't quite get how the charsets work, so I have a few questions.

If I write "?l?l?l?l?l?l?l?l" as charset in oclHashCat, then I have defined a charset of 8 characters, ranging from aaaaaaaa-zzzzzzzz, right?

But, if I write "?l?l?l?l?l?l?l?d" as charset, then I have defined it as 8 characters, ranging from aaaaaaa1-zzzzzzz9, right? And so on..

If what I've written above is correct, how can I define a charset on 8 characters, a-z, 0-9? 9 characters and a-z, 0-9 and so on..

Thanks in advance for answers.
#2
you want to set a variable. it's called custom charset

follow link to examples. https://hashcat.net/wiki/doku.php?id=mask_attack
#3
(Without bruteforce attack selected, it just goes to wordlist stdin mode, and does 0 c/s and 0% idle, also does not crack any hashes)
I set custom charset 1 to ?l?d, but when using attack mode 3:
Code:
C:\HashCat\oclHashcat-plus-0.08>oclhashcat-plus64.exe -a 3 -m 100 F:\RealWordlis
ts\SHA1\CleanedSHA1.txt -1 -o F:\RealWordlists\SHA1\Cracked.txt --remove
oclHashcat-plus v0.08 by atom starting...

Hashes: 2604344
Unique digests: 2604344
Bitmaps: 21 bits, 1048576 entries, 0x000fffff mask, 4194304 bytes
GPU-Loops: 64
GPU-Accel: 40
Password lengths range: 1 - 15
Platform: AMD compatible platform found
Watchdog: Temperature limit set to 90c
Device #1: Cayman, 2048MB, 0Mhz, 22MCU
Device #1: Allocating 132MB host-memory
Device #1: Kernel ./kernels/4098/m0100_a3.Cayman.64.kernel (443896 bytes)

ERROR: Mask is too big

When removing brute force option and setting a new charset, which follows hex rules, it's finished here:
Code:
C:\HashCat\oclHashcat-plus-0.08>oclhashcat-plus64.exe -m 100 F:\RealWordlists\SH
A1\CleanedSHA1.txt -2 -o F:\RealWordlists\SHA1\Cracked.txt --remove
oclHashcat-plus v0.08 by atom starting...

Hashes: 2604344
Unique digests: 2604344
Bitmaps: 21 bits, 1048576 entries, 0x000fffff mask, 4194304 bytes
Rules: 1
GPU-Loops: 64
GPU-Accel: 40
Password lengths range: 1 - 15
Platform: AMD compatible platform found
Watchdog: Temperature limit set to 90c
Device #1: Cayman, 2048MB, 0Mhz, 22MCU
Device #1: Allocating 132MB host-memory
Device #1: Kernel ./kernels/4098/m0100_a0.Cayman.64.kernel (1064060 bytes)

Scanning dictionary F:\RealWordlists\SHA1\Cracked.txt: 1047580 bytes (45.09%), 1
Scanned dictionary F:\RealWordlists\SHA1\Cracked.txt: 2323157 bytes, 43725 words
, 43725 keyspace, starting attack...


Status.......: Exhausted
Input.Mode...: File (F:\RealWordlists\SHA1\Cracked.txt)
Hash.Target..: File (F:\RealWordlists\SHA1\CleanedSHA1.txt)
Hash.Type....: SHA1
Time.Running.: 0 secs
Time.Left....: 0 secs
Time.Util....: 996.8ms/0.0ms Real/CPU, 0.0% idle
Speed........:        0 c/s Real,        0 c/s GPU
Recovered....: 0/2604344 Digests, 0/1 Salts
Progress.....: 43725/43725 (100.00%)
Rejected.....: 43725/43725 (100.00%)
HW.Monitor.#1:  0% GPU, 38c Temp

Started: Mon Sep 03 22:29:20 2012
Stopped: Mon Sep 03 22:29:24 2012

When setting the charset as in the Wiki link you sent:
Code:
C:\HashCat\oclHashcat-plus-0.08>oclhashcat-plus64.exe -m 100 F:\RealWordlists\SH
A1\CleanedSHA1.txt --custom-charset1=?l?d ?1?1?1?1?1?1?1?1?1?1 -o F:\RealWordlis
ts\SHA1\Cracked.txt --remove
oclHashcat-plus v0.08 by atom starting...

Hashes: 2604344
Unique digests: 2604344
Bitmaps: 21 bits, 1048576 entries, 0x000fffff mask, 4194304 bytes
Rules: 1
GPU-Loops: 64
GPU-Accel: 40
Password lengths range: 1 - 15
Platform: AMD compatible platform found
Watchdog: Temperature limit set to 90c
Device #1: Cayman, 2048MB, 0Mhz, 22MCU
Device #1: Allocating 132MB host-memory
Device #1: Kernel ./kernels/4098/m0100_a0.Cayman.64.kernel (1064060 bytes)

ERROR: ?1?1?1?1?1?1?1?1?1?1: No such file or directory

So could you, maybe, explain it a little bit more?

(Also if I set attack mode as bruteforce, how does the characterset mode work there?)
#4
the first example you had it on bruteforce attack mode but didn't specify a mask

the second example, when -a isn't specified it defaults to -a 0 attack mode. failed because you didn't specify a wordlist

the third example you provided a mask but forgot to put it in bruteforce mode, -a 3

some attack mode examples:
* Attack modes:
0 = Straight
1 = Combination
3 = Brute-force
4 = Permutation
6 = Hybrid dict + mask
7 = Hybrid mask + dict

hashcatexecutable -a 0 hashfile.txt wordlist.txt
hashcatexecutable -a 1 hashfile.txt wordlist1.txt wordlist2.txt
hashcatexecutable -a 3 hashfile.txt ?u?u?u?u?u?u?u?u?u?u
hashcatexecutable -a 4 (never used it so don't know)
hashcatexecutable -a 6 hashfile.txt wordlist.txt ?u?u?u?u
hashcatexecutable -a 7 hashfile.txt ?u?u?u?u wordlist.txt
#5
Every mask I set, HashCat reports that the mask is to big. Is there any way to resolve that? Like increasing host-memory?
#6
If hashcat reports the mask is to big it is usually saving you from starting an attack that would take longer than you life Smile
#7
That's cool and all, but when setting the charset as characters "a", "b", isn't there something wrong then?
#8
as i said, as usual
#9
(09-04-2012, 06:03 PM)23732 Wrote: That's cool and all, but when setting the charset as characters "a", "b", isn't there something wrong then?
Lots of discussion in the air. Give all the command lines that you have used that gives a mask too big error.
#10
Code:
C:\HashCat\oclHashcat-plus-0.08>oclHashcat-plus64.exe -a 3 -m 100 F:\RealWordlis
ts\SHA1\CleanedSHA1.txt -1 --custom-charset1=ab F:\RealWordlists\SHA1\Cracked.tx
t --remove
oclHashcat-plus v0.08 by atom starting...

Hashes: 2603924
Unique digests: 2603924
Bitmaps: 21 bits, 1048576 entries, 0x000fffff mask, 4194304 bytes
GPU-Loops: 64
GPU-Accel: 40
Password lengths range: 1 - 15
Platform: AMD compatible platform found
Watchdog: Temperature limit set to 90c
Device #1: Cayman, 2048MB, 0Mhz, 22MCU
Device #1: Allocating 132MB host-memory
Device #1: Kernel ./kernels/4098/m0100_a3.Cayman.64.kernel (443896 bytes)

ERROR: Mask is too big

Code:
C:\HashCat\oclHashcat-plus-0.08>oclHashcat-plus64.exe -a 3 -m 100 F:\RealWordlis
ts\SHA1\CleanedSHA1.txt -2 --custom-charset1=?d F:\RealWordlists\SHA1\Cracked.tx
t --remove
oclHashcat-plus v0.08 by atom starting...

Hashes: 2603924
Unique digests: 2603924
Bitmaps: 21 bits, 1048576 entries, 0x000fffff mask, 4194304 bytes
GPU-Loops: 64
GPU-Accel: 40
Password lengths range: 1 - 15
Platform: AMD compatible platform found
Watchdog: Temperature limit set to 90c
Device #1: Cayman, 2048MB, 0Mhz, 22MCU
Device #1: Allocating 132MB host-memory
Device #1: Kernel ./kernels/4098/m0100_a3.Cayman.64.kernel (443896 bytes)

ERROR: Mask is too big