how do i stop duplicate characters brute force
#1
Hi,

I have searched high and low, near and far but i can't seem to figure out how to disable duplicate characters in row when brute forcing my hash or if you can disable say more than 3 of the same character in a row, i briefly read about the -q command but straight after it they said it doesn't work with hashcat.
The advantaged it would be it will be significantly quicker this way knowing there are no duplicates

The problem incase i made it sound confusing

disabling 2 or more of the same characters in a row but allowing to used again as long as its not next to the same character
AABCA
ABBCB

disabling 3 or more of the same characters in a row but allowing to used again as long as its not next to the same character
AAABCDA
ABCCCDC

I am using cuda hashcat 1.31 for windows

If its easier to do it in a linux OS i could do a side by side install (would rather not) i do have a old laptop with linux on it but its lacking any sort of processing power

I am more than happy to read up on it, i just don't know a specific phrase to search for, it would be much appreciated if someone could point me in the right direction

Thanxz in advance
#2
maskprocessor (see https://hashcat.net/wiki/doku.php?id=maskprocessor and http://hashcat.net/tools/maskprocessor/ ) has the -q option.

For slow hashes you can simply pipe it into cudaHashcat without any performance loss. I.e. like this:
Code:
mp -q 2 [your_mask] | cudaHashcat -m ....
#3
Thank you, i have tried it and got it to work

Now to take it to the next level, is there any way that can be used to stop the use of the same letter more than once?

I did read about sed and that would solve this problem but i was wondering if there is a more efficient way from what i read it will take the speed down quite alot

So to stop this
AABCDEAAGHIJCZY
123456373982

But this would work
ABCDEFGHIJKZY
BCDAHFGIHKJYZ
etc

EDIT:
The reason i ask is because from a bruteforce point of view surely it would be easier to start from the bottom with the most simple combinations and work your way up

Instead of jumping straight in the deep end with every combination and a huge waiting/processing time plus you might save a couple of quid in electricity
#4
You need to read the --help output of maskprocessor. If you do so, you will find 2 interesting options:
Code:
-q,  --seq-max=NUM         Maximum number of multiple sequential characters
-r,  --occurrence-max=NUM  Maximum number of occurrence of a character

The -r option is what you are looking for. It lets you specify the maximum number of times a single character can occur in a line/plain.

In your case something like:
Code:
mp -r 2 [your_mask] | cudaHashcat -m ...

Please note that you should use the newest version of maskprocessor (mp v 0.72), since earlier versions had some problems with -r etc.

What regards your plan to try very, very hard to generate as little password candidates as possible and prioritize them, I would like to add some notes:
1. yes, but it may only make sense if you are 100% sure that this "policy" (no repetitive chars and maximum occurrence) is strictly followed.
2. it may sometimes just be better to throw faster and more GPUs at it, especially if the max occurrence restriction is not always adhered etc. at the end, if you didn't crack the hash(es) with -q / -r, it is even more complicated to try the "remaining plains" too (which do not follow the max occurrence policy etc) and easier to run the full mask
#5
I'm not clear on one point.

If I'm using a .hcmask file, do I need to specify the mask for maskprocessor (after -r -q) also?

cd /usr/share/cudahashcat/ && ./cudaHashcat64.bin -w 3 -t 10 -m 2500 /root/capture.hccap -a 3 /usr/share/cudahashcat/masks/8=1Capandlower-3lower-4allnosymbols.hcmask

so my syntax when specifying -r -q with maskprocessor would be:

./mp64.bin -q 3 -r 6 -1 ?l?u?d -2 ?u?l ?2?l?l?l?1?1?1?1 | cd /usr/share/cudahashcat/ && ./cudaHashcat64.bin -w 3 -t 10 -m 2500 /root/capture.hccap -a 3 /usr/share/cudahashcat/masks/8=1Capandlower-3lower-4allnosymbols.hcmask