Masks and the increment flag
#1
Perhaps this is obvious to everyone else, but it isn't noted in the documentation (as far as I can find), and it caught me off guard. I've been running a lot of mask files against a particular WPA handshake, and now I'll need to go back and revise several.

So, as a PSA for anyone else who might be conducting similar sessions:
-- performing mask attacks
-- with the increment switch
-- anchor text on the back end (right side)

For example:

Passkey: 123April

Code:
-a 3 -i hashfile.txt  ?d?d?d?d?dApril

I was expecting it to increment against the anchor text, e.g.:

Code:
12333April
1233April
123April
12April
1April

But instead it works left to right, and the incrementation includes the anchor text:

Code:
1
12
123
1233
12333
12333A
12333Ap
12333Apr
12333Apri
12333April

Therefore, the mask would fail to find the passkey "123April". And since it increments through the anchor text, it also takes significantly longer to run each mask.

This isn't the situation when the anchor text and the mask is flipped.
e.g. if the command is:

Code:
-a 3 -i hashfile.txt April?d?d?d?d?d

It does this:

Code:
April1
April12
April123
April1233
April12333

not this:
Code:
A
A1
A12
A123
A1233
A12333
Ap1
Ap12

(or whatever)

The workaround is to just put "April" in a dictionary file and use attack mode 7 instead:

Code:
-a 7 -i hashfile.txt ?d?d?d?d?d april.txt

Works as expected - "123April" is recovered.


That's all fine. I've just been doing a lot of mask attacks on the fly as I think of new keyword sets, and I'll dump them in a mask file, e.g.:
?d?d?d?d?d-jan
jan-?d?d?d?d?d
?d?d?d?d?d-texas
texas-?d?d?d?d?d
etc. etc.

Start the attack, walk away, check back when it's done. So it took me a while to catch this on my own.