Posts: 22
Threads: 4
Joined: Dec 2012
I'm trying to do a mask attack on a WPA hash, as described here
http://hashcat.net/wiki/doku.php?id=mask_attack . How do I set it up to try all lowercase alphanumeric characters and a password of 1-8 characters? And what kind of performance can I expect on a Nvidia GTX285 (Windows 7). Currently I'm getting about 13k/sec with the newest driver (310.70). Thanks
Posts: 2,936
Threads: 12
Joined: May 2012
define a custom charset that contains both loweralpha and digits, then build your mask with that custom charset. e.g.,
Code:
-1 ?l?d ?1?1?1?1?1?1?1?1
you can expect it to be slow as dogshit.
Posts: 22
Threads: 4
Joined: Dec 2012
Thanks. Now one more stupid question, I presume that if I have multiple WPA hashes in a single file, hashcat will try each password on all hashes simultaneously? How do I get all the hashes in the same file? When I use the -J option in aircrack-ng I can only export one handshake at a time. Is there a way to combine the hashes from multiple .hccap files to one?
Posts: 414
Threads: 14
Joined: Mar 2012
hccap files can only contain one handshake. It's impossible to crack more than one handshake using -plus, unless you run more than one instance (with different hccap files).
I don't know how to tell aircrack-ng what handshake to convert, but I think you can work something out using pyrit.
Posts: 22
Threads: 4
Joined: Dec 2012
I see. Converting each handshake to hccap from one airodump file is no problem, I just hoped there was a more efficient way to crack the hashes than to run them one at a time. But thanks anyway
Posts: 5,185
Threads: 230
Joined: Apr 2010
This is simply not possible because of the salt (ESSID) that is used by WPA/WPA2.