Custom rule/mask not working
#1
Hi.

I'm new but I've read a lot of info and manuals.

Im trying to crack a hash that I already know part of the password:

"AAA B?1?1C DDDD?l?d?s"

?1=3e

hashcat-cli64.exe -a 3 --pw-min=14 --pw-max=20 -m 1800 hash.txt -1=3e "AAA B?1?1C DDDD?l?d?s"

So I know the A,B, C and D and the position ?1 can be a 3 or a e. Then I want to try at the end all ?l?d?s possibilities.

What is wrong with that?? Im getting:

Input.Mode: Mask ("AAA B?1?1C DDDD?l?d?s") [14]
Index.....: 0/1 (segment), 234 (words), 0 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: 1.10k plains, 1.10k words
Progress..: 234/234 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--

Started: Thu Apr 03 11:41:17 2014
Stopped: Thu Apr 03 11:41:17 2014

It starts and stops at same time.
What I am doing wrong??

thanks
#2
maybe you should give some examples of plains which hashcat should try.

what do you mean by
"I want to try at the end all ?l?d?s possibilities"

do you mean the mix of them OR first of the 3 is a lower-case char, second is a digit and third is a special char

If you want to try all 3 at the same positions you need to define another custom charset (http://hashcat.net/wiki/doku.php?id=mask...m_charsets ) -2 for instance and use it:
-1 3e -2 ?l?d?s "AAA B?1?1C DDDD?2"

You also should be more clear on the length of the password
is it 14 or 16 or variable ?
From the --pw-min values I think it is variable, therefore you need to use it as such:
-1 3e -2 ?l?d?s "AAA B?1?1C DDDD?2?2?2?2?2?2?2"

Furhermore, the two ?1 mean there are 2 positions in the password that are either "3" or "a".

For more details and explanations, see http://hashcat.net/wiki/doku.php?id=mask_attack
#3
Ohhhh my problem is that I was not using ?2?2?2? several times to increase the length of the password to check.

-1 3e -2 ?l?d?s "AAA B?1?1C DDDD?2?2?2?2?2?2?2" -----> correct one.

Is there any way to watch some of the passwords that are being used to check that they are being generated correctly?
thanks
#4
you can do --stdout to see all generated candidates. "Live" candidates are only shown by oclhashcat I think.
#5
use maskprocessor from hashcat-utils and don't hijack threads.
#6
double posting and thread hijacking. awesome way to introduce yourself to the forums.