hashcat Forum Deprecated; Previous versions General Help v
WPA masks

Threaded Mode
WPA masks
dwjs1974 Offline
Junior Member
**
Posts: 11
Threads: 2
Joined: Dec 2012
#1
12-14-2012, 02:57 PM
Hi I am new to hashcat in general .

I have used hashcat to find sha1 and MD5 hashes which its done with great speed...

I used to use pyrit for my wireless WPA attacks but due to graphics card changes I couldnt get pyrit to work but found the installation of hashcat a doddle

my cracker machine
AMD 1055T Phenom_II which runs 2.8Ghz over clockable to 3.6Ghz (It was overclocked with the bundle i bought) I now run at stock 2.8
I use an ASUS 5870 Ares Graphics card which is a dual 5870 on one board.
OS i run backtrack 5r3

That gives you an idea of what i am working with:

My question :

This is the command i would use to get crunch to create a wordlist that i need.

Code:
./crunch 10 10 -f charset.lst hex-lower -i -d 2 -b 100GB -o /media/sf_Desktop/passwords/START
This would generate a 10 char password using abcdef0123456789 and would not allow more than 2 identical chars..

In hashcat i use :

Code:
./oclHashcat-plus64.bin -m 2500 -a 3 -n 8 --gpu-loops=45 -1 abcdef?d /pentest/passwords/oclhashcat+/mynetworkcap.hccap ?1?1?1?1?1?1?1?1?1?1
after reading the wiki i can see you can use rules for many things but I don't understand how how to get the mask to skip passwords that are not compliant.

I hope this make sense
Thanks for any help.....
The Raver
Find
radix Offline
Anti SL3
******
Posts: 649
Threads: 18
Joined: Nov 2010
#2
12-14-2012, 03:00 PM
So you dont want the mask to contain identical chars?
Find
atom Offline
Administrator
*******
Posts: 5,185
Threads: 230
Joined: Apr 2010
#3
12-14-2012, 03:20 PM
you can pipe if you want:

./crunch 10 10 -f charset.lst hex-lower -i -d 2 -b 100GB | ./oclHashcat-plus64.bin -m 2500 -n 8 --gpu-loops=45 -1 abcdef?d /pentest/passwords/oclhashcat+/mynetworkcap.hccap
Website Find
dwjs1974 Offline
Junior Member
**
Posts: 11
Threads: 2
Joined: Dec 2012
#4
12-14-2012, 03:25 PM
(12-14-2012, 03:00 PM)radix Wrote: So you dont want the mask to contain identical chars?

That was a super quick reply....

I'd like to limit the number of consecutive letters or numbers to a maximum of 2

eg:

aaaaaaaaaa I dont want this to happen
aabaabaaba So where the 3rd char would have been an a is it possible to increment it b for all lower-hex so abcdef1234567890

Many thanks again...
Find
dwjs1974 Offline
Junior Member
**
Posts: 11
Threads: 2
Joined: Dec 2012
#5
12-14-2012, 03:31 PM
(12-14-2012, 03:20 PM)atom Wrote: you can pipe if you want:

./crunch 10 10 -f charset.lst hex-lower -i -d 2 -b 100GB | ./oclHashcat-plus64.bin -m 2500 -n 8 --gpu-loops=45 -1 abcdef?d /pentest/passwords/oclhashcat+/mynetworkcap.hccap

Many thanks atom

I will try the pipe to hashcat now..

I wanted to try and use hashcat's features as I have heard it can generate a wordlist faster than crunch.

Thanks

The Rave
Find
undeath Offline
Sneaky Bastard
******
Posts: 2,301
Threads: 11
Joined: Jul 2010
#6
12-14-2012, 04:35 PM (This post was last modified: 12-14-2012, 04:35 PM by undeath.)
For WPA the speed difference is irrelevant. Also hashcat cannot further filter the candidates generated by the mask generator.
Find
dwjs1974 Offline
Junior Member
**
Posts: 11
Threads: 2
Joined: Dec 2012
#7
12-14-2012, 05:02 PM
Many thanks,

I am piping crunch through to hashcat+ as suggested by atom

This is running now

For anyone else who wants to do this..
a very slight change in the command from crunch before the pipe.

Code:
./crunch 10 10 -f charset.lst hex-lower -i -d 2 | ./oclHashcat-plus64.bin -m 2500 -1 abcdef?d /pentest/passwords/oclhashcat+/mynetworkcap.hccap

Thanks again i will still be trying full bruteforce in hashcat as I know that the results will be the same but will take a bit longer

Cheers

Raver
Find