Mask/rule to bruteforce md5(*word*word*longword*) passwords
#1
I want to find a mask that some unknown algorithm uses to generate hashes.

I have some thousands of strings that look like this (path and IP fudged):
md5=ICAN'TREADTHERULES&date=20130226&_ip=12.34.56&filename=1234\1234\12345\AAA45.ext
md5=ICAN'TREADTHERULES&date=20130303&_ip=12.34.56&filename=1234\1234\12345\AAA45.ext

I've learned that the md5 parameter depends on the VALUES of the "date", "_ip" and "filename" parameters (but not on the parameter names). Now I want to find out how these 3 values ("20130303", "12.34.56" and "1234\1234\12345\AAA45.ext") are combined to calculate md5. I think that's something very simple, but I've tried all 6 permutations separated by 0-1 arbitrary characters and it didn't work.


How can I automate hashcat (any version) to brute-force the stuff between those words? Should I write a custom mask-generator?
#2
you can keep thinking about the solution while you take a week off to read the forum rules.