Minimum password length
#1
I know with hashcat I can specify a minimum password length, but I can't seem to find a similar option with oclhashcat. I'm working on a hybrid attack, and I've already brute forced everything with 7 characters or less, so trying those again is a waste of time. Is there any way to tell oclhashcat to skip passwords less than X characters?
#2
Did you add try adding mask ?
https://hashcat.net/wiki/doku.php?id=mask_attack
#3
Yes, a mask will work for a brute force attack to select only certain length passwords, but it doesn't work for a hybrid attack. For example, my [fake, example only] dictionary contains two words: password
the

I'm using a mask of ?d?d, but don't want to try anything below 8 characters. The first word works, even without the mask, but the second, even with the mask, is only 6 characters.
#4
Hi,
There's a rule that can do that:
" Reject greater >N Reject plains of length less than N "
from: https://hashcat.net/wiki/doku.php?id=rule_based_attack
in your case the rule is: '>8'
I don't know if hybrid attack work with rules, but if it don't you can generate rules to append the character you want + using the reject greater then rule. You can read here:
https://hashcat.net/wiki/doku.php?id=hyb...with_rules
Example:
./mp32.bin -o test.rule '$?d $?d $? $?d >8'
Then use that rule with hashcat.
#5
I do have a short question concerning the wpa(2) password length.

Since wpa requires a minimum of 8 characters, it's useless to try passwords with 1-7 chars, right?

Is there a way of only checking passwords of the dictionary which are at least 8 chars long?

Thanks!
#6
(12-30-2014, 09:10 PM)usq Wrote: I do have a short question concerning the wpa(2) password length.

Since wpa requires a minimum of 8 characters, it's useless to try passwords with 1-7 chars, right?

Is there a way of only checking passwords of the dictionary which are at least 8 chars long?

Thanks!
Hashcat skip them automaticaly.