Hashcat Bruteforce attack
#1
I want to launch a bruteforce attack against this hash (yes, a standard bruteforce attack, not a dictionary attack). I know the string ends with '66'. So I denifed a rule called myrule.rule which contains '66$' and probably consists of all ascii characters.

What I tried to do so far is:

Code:
cudaHashcat-plus64.exe -a 3 -m 0 hash\myhash.hash -r rules\myrule.rule

But it doesn't execute:
Code:
\oclHashcat-plus-0.08\cudaHashcat-plus64.exe [options]... hash|hashfile|hccapfile [dictionary|mask|directory]...

So I'm probably failing somewhere on syntax. Also I tried to read the examples, but I don't really understand them. How do I go about to launch a bruteforce attack for an MD5 hash who's unhashed string certainly ends with 66 and only contains ascii characters?

Thanks!
#2
https://hashcat.net/wiki/doku.php?id=mask_attack

doesnt really get much easier than that.
#3
bruteforce and rules? A bruteforce attack would looklike this:

cudaHashcat-plus64.exe -a 3 -m 0 hash\myhash.hash [mask]


http://hashcat.net/wiki/
http://hashcat.net/files/hashcat_user_manual.pdf
#4
(12-29-2012, 07:13 PM)radix Wrote: https://hashcat.net/wiki/doku.php?id=mask_attack

doesnt really get much easier than that.

The problem is that I do not understand the mask attack syntax, can you give an example on how I would say keep hashing from 0 until 10 characters with all ascii characters and myrule.rule defined? Thanks Smile
#5
(12-29-2012, 07:15 PM)K9 Wrote: bruteforce and rules? A bruteforce attack would looklike this:

cudaHashcat-plus64.exe -a 3 -m 0 hash\myhash.hash [mask]


http://hashcat.net/wiki/
http://hashcat.net/files/hashcat_user_manual.pdf

But how do I go about defining a mask that says the same as my rule (ends with 66 but I do not know how many characters come in front , just that they are in ascii)?

I tried this:

Code:
.\cudaHashcat-plus64.exe --force -a 3 -m 0 hash\ccc.hash --increment ?l
According to the mask page --increment should make this incremental, but it still fails on syntax Sad
#6
.\cudaHashcat-plus64.exe -m 0 -a 3 hash\ccc.hash -i ?l?l?l?l?l?l?l?l?l?l?l?l?l'66'
#7
(12-30-2012, 12:36 AM)ntk Wrote: .\cudaHashcat-plus64.exe -m 0 -a 3 hash\ccc.hash -i ?l?l?l?l?l?l?l?l?l?l?l?l?l'66'

But wont that automatically start with 13 characters and skip words with 1 -12 characters?
#8
The following thread will help you:
https://hashcat.net/forum/thread-1836.html
#9
try that and see if you are lucky with PW len8 or less! You can use -i --increment-min=x to start from len x. actually the later version have Markov implemented then it would read the default hashcat.hcstat file, and build pw accordingly in this case if you don't specify any pW length it will start PW from len 5,6 up to 15 e.g. in your case xxx66; xxxx66 etc... I thought you tried and found out yourself.

However the excercise you aim for requires very powerful card. without any other information len more than 12 (xxxxxxxxxx66) would take a very very long time to complete. longer then 12x we can forget to run them this way, with markov or not.

follow the thread M@lik provides. You can use statprocessor the SP64.bin to visualise what kind of PW is generated (you won't see anything from cudaHashcat-plus64.exe); do try out the different parameters like --markov-classic; -i --increment-min; --increment-max