Mask setup
#1
Hello,

I'm trying to specify a particular mask for brute force. I currently use the following argument:

Code:
?u?d ?1?1?1?1?1?1?1?1

8 digits, uppercase only, all numerical

However, I know for a fact the password has a maximum/minimum of 4 upper case letters and 4 numerical. They can be anywhere in this 8 digit sequence.

Example:

Code:
A56BG76Y
R3T123GE
5F3TY5Q8

How can I specify this? Thanks
#2
Just checking but are you doing -1 ?u?d ?1?1?1?1?1?1?1?1

Also there is not a way you can do that. What you have it correct.
#3
Yes it does work fine but it wastes much time trying combinations that have more (or less) then 4 uppercase letters or numbers.

i.e. A0000001 is a big waste of time because I know its not the password format.

I doubt its impossible to accomplish, maybe using a dictionary generator or rules rather then a mask could work maybe. Being able to do so would be a HUGE performance gain.
#4
you can generate all masks for 8 chars upper/num and filter out the ones which do not have 4 upper/num chars.

echo uuuudddd | ./permute.bin | sort -u | sed 's/\(.\)/?\1/g' > masks.hcmask

note: permute.bin from hashcat-utils
#5
Yeah that sounds like a great solution!

I'm in windows environment for now so so installed sed.exe from GnuWin32 but the 's/\(.\)/?\1/g' argument doesn't want to accept the ?

I've tried without success
(sed.exe: -e expression #1, char 8: unknown command: `?'):

sed.exe "/\(.\)/?\1/g"

I'll try to figure it out but suggestions are welcomed Smile
#6
you are missing the starting "s" for the sed command
#7
so obvious! hehe thanks Smile

The masks in the generated file are exactly what I was hoping (little editing to do).

It went from 345 days at best to crack to 12 hours!!! Amazing! I already know the password, lets see if oclhashcat can find it now Smile

Thanks again for the help!
#8
Wait, there's a tool that generates the neccessary masks to target advanced password policies, it's called PACK: http://thesprawl.org/projects/pack/