Posts: 8
Threads: 1
Joined: Aug 2014
Hello! I'm new to the forum and HashCat. For a cybersecurity course at school we were asked to create and crack hashes to certain passwords. However, I noticed that oclHashcat is not cracking hashes (in md5 and sha1 for sure) with symbols followed by uppercase letters, numbers, or other symbols. Also, it did not crack anything with digits before a symbol. When I noticed this, I was trying different small passwords: $A, *A, *3, a*A, and a*a (I believe these were the combos I tried) all did not crack successfully. However, $a and *a worked fine. I used online MD5 and sha1 hash generators.
Is this a known issue, or am I just doing something wrong? The line I passed was
oclHashcat64.exe -m 100 -a 3 -1 ?a --workload-profile=3 -o Cracked.txt test.txt
Thanks for any feedback!
Posts: 2,301
Threads: 11
Joined: Jul 2010
you did not specify a mask
Posts: 8
Threads: 1
Joined: Aug 2014
I thought that ?a could take the place of the mask? That line worked for everything except for the instances with a symbol followed by uppercase, symbol, or numbers.
Posts: 2,301
Threads: 11
Joined: Jul 2010
08-28-2014, 01:21 AM
(This post was last modified: 08-28-2014, 01:22 AM by undeath.)
all you did with ?a was defining the custom mask ?1 (-1 ?a). I think hashcat has some mask it defaults to when the user does not specify one.
Posts: 8
Threads: 1
Joined: Aug 2014
Sorry, I'm a really inexperienced newbie. So, what exactly should I put as a mask? I read the mask_attack page, but did not find it extremely helpful with exactly what to put as a mask.
Posts: 2,936
Threads: 12
Joined: May 2012
if no mask is supplied, hashcat defaults to:
-1 '?l?d?u' -2 '?l?d' -3 '?l?d*!$@_' ?1?2?2?2?2?2?2?3?3?3?3?d?d?d?d
what to put as the mask depends entirely on you.
Posts: 8
Threads: 1
Joined: Aug 2014
Okay, so ?1 refers to whatever is put in -1, ?2 refers to -2 and so on? Therefore, if I wanted to have ?a in every location for a 10 character brute force I'd have to do
-1 ?a ?1?1?1?1?1?1?1?1?1
correct?
Again, thanks for all your help!
Posts: 2,301
Threads: 11
Joined: Jul 2010
What you wrote is correct, but you are not forced to use -1 -2 aso. ?a?a?a?a?a?a?a would be valid as well.
Posts: 8
Threads: 1
Joined: Aug 2014
Alright. Final question! (I think). And then I'll let you know if this solved my symbols issue. Is there a certain order in which parameters must be passed? When I enter the line, I get a line-length exception because it thinks that ?a is my hash file... I entered:
oclHashcat64.exe -m 0 -a 3 ?a --increment --workload-profile=3 -o Cracked.txt md5uplownumsym.txt
Obviously I'm doing something wrong.
Posts: 2,301
Threads: 11
Joined: Jul 2010
08-28-2014, 02:53 AM
(This post was last modified: 08-28-2014, 02:55 AM by undeath.)
the help screen is pretty clear about parameter order
Code:
Usage: oclHashcat [options]... hash|hashfile|hccapfile [dictionary|mask|directory]...
But I still don't see a mask in the command you posted. If the file you specify does not exist hashcat assumes it is a hash (and throws an invalid hash error)
