Custom brute force possiable?
#1
Pretend you know the last 4 characters of a password are 1234, and you know the password is 12 characters in total. Is it possible to only brute force the first 8 characters of the password? Or is the only way to make your own custom word list?
#2
it's called a mask attack: https://hashcat.net/wiki/doku.php?id=mask_attack
#3
I see so -a 3 ***hash ?l?l?l?l?l?l?l?l1234 will give me 8 characters brute forced ending in 1234. Thats cool Thanks a lot!
#4
(03-07-2013, 01:35 AM)2Fac3 Wrote: I see so -a 3 ***hash ?l?l?l?l?l?l?l?l1234 will give me 8 characters brute forced ending in 1234. Thats cool Thanks a lot!

I'm just checking you understand what your mask is doing.

You do realise that you are only checking lower alpha on the first 8 characters in your mask don't you ?
#5
Yup

?l = abcdefghijklmnopqrstuvwxyz
?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ
?d = 0123456789
?s = !”#$%&'()*+,-./:;⇔?@[\]^_`{|}~
?h = 8 bit characters from 0xc0 - 0xff
?D = 8 bit characters from german alphabet
?F = 8 bit characters from french alphabet
?R = 8 bit characters from russian alphabet
#6
Another stupid questions when brute forcing a wpa password will hash cat automatically set a default length of 8 or do you still have to set it manually?
#7
(03-07-2013, 02:13 AM)2Fac3 Wrote: Another stupid questions when brute forcing a wpa password will hash cat automatically set a default length of 8 or do you still have to set it manually?

You set it manually in brute force, oclhashcat will not test passwords less than 8 on WPA.

With word lists you don't have to worry about wasting time testing passwords that will never work, oclhashcat filters <8 out for you automatically.
#8
Sweet! Hash cat is fast, reliable, and very customizable. In other words its AWESOME!
#9
2Fac3 Wrote: Sweet! Hash cat is fast, reliable, and very customizable. In other words its AWESOME!
True story.