|
Minimum password length
|
12-21-2014, 03:26 AM
I know with hashcat I can specify a minimum password length, but I can't seem to find a similar option with oclhashcat. I'm working on a hybrid attack, and I've already brute forced everything with 7 characters or less, so trying those again is a waste of time. Is there any way to tell oclhashcat to skip passwords less than X characters?
12-21-2014, 05:19 AM
Yes, a mask will work for a brute force attack to select only certain length passwords, but it doesn't work for a hybrid attack. For example, my [fake, example only] dictionary contains two words: password
the I'm using a mask of ?d?d, but don't want to try anything below 8 characters. The first word works, even without the mask, but the second, even with the mask, is only 6 characters.
12-21-2014, 09:03 AM
Hi,
There's a rule that can do that: " Reject greater >N Reject plains of length less than N " from: https://hashcat.net/wiki/doku.php?id=rule_based_attack in your case the rule is: '>8' I don't know if hybrid attack work with rules, but if it don't you can generate rules to append the character you want + using the reject greater then rule. You can read here: https://hashcat.net/wiki/doku.php?id=hyb...with_rules Example: ./mp32.bin -o test.rule '$?d $?d $? $?d >8' Then use that rule with hashcat.
12-30-2014, 09:10 PM
I do have a short question concerning the wpa(2) password length.
Since wpa requires a minimum of 8 characters, it's useless to try passwords with 1-7 chars, right? Is there a way of only checking passwords of the dictionary which are at least 8 chars long? Thanks!
12-30-2014, 09:24 PM
(12-30-2014, 09:10 PM)usq Wrote: I do have a short question concerning the wpa(2) password length.Hashcat skip them automaticaly. |
|
« Next Oldest | Next Newest »
|
