Custom brute force possiable?

[2Fac3]

Pretend you know the last 4 characters of a password are 1234, and you know the password is 12 characters in total. Is it possible to only brute force the first 8 characters of the password? Or is the only way to make your own custom word list?

[epixoip]

it's called a mask attack: https://hashcat.net/wiki/doku.php?id=mask_attack

[2Fac3]

I see so -a 3 ***hash ?l?l?l?l?l?l?l?l1234 will give me 8 characters brute forced ending in 1234. Thats cool Thanks a lot!

[Hash-IT]

I see so -a 3 ***hash ?l?l?l?l?l?l?l?l1234 will give me 8 characters brute forced ending in 1234. Thats cool Thanks a lot!

I'm just checking you understand what your mask is doing.

You do realise that you are only checking lower alpha on the first 8 characters in your mask don't you ?

[2Fac3]

Yup

?l = abcdefghijklmnopqrstuvwxyz
?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ
?d = 0123456789
?s = !”#$%&'()*+,-./:;⇔?@[\]^_`{|}~
?h = 8 bit characters from 0xc0 - 0xff
?D = 8 bit characters from german alphabet
?F = 8 bit characters from french alphabet
?R = 8 bit characters from russian alphabet

[2Fac3]

Another stupid questions when brute forcing a wpa password will hash cat automatically set a default length of 8 or do you still have to set it manually?

[Hash-IT]

Another stupid questions when brute forcing a wpa password will hash cat automatically set a default length of 8 or do you still have to set it manually?

You set it manually in brute force, oclhashcat will not test passwords less than 8 on WPA.

With word lists you don't have to worry about wasting time testing passwords that will never work, oclhashcat filters <8 out for you automatically.

[2Fac3]

Sweet! Hash cat is fast, reliable, and very customizable. In other words its AWESOME!

[M@LIK]

Sweet! Hash cat is fast, reliable, and very customizable. In other words its AWESOME!

True story.