2 salt problem

[sudoplax]

Hello!
there is my hash:
salt1:HASHalt2

salt1 and salt2 are different and so 3890 does not suit me.

I do so:

Code:

-a 3 -m 10 hash-file 'salt1?a?a?a?a?a?a?a?a?a' -n

thus, salt 2 is taken from hashfile and is inserted from the right. A substituted salt1 left directly from the mask.

but here's the problem. Speed - 140000 h/s
If you remove salt1 from mask, the speed is good, 900 million
How can I be?
ried on linux debian 64bit and windows7 64bit
videocard - ge force 750M

[philsmd]

As far as I've understood your hash type is
md5 ($salt1 . $pass . $salt2)

I also assume here that you are attacking a single hash only.


There are many other attacks that may or may not work faster.
For instance you could use:

-a 6

Code:

-a 6 -m 10 hash_with_salt2.txt  file_containing_salt1.txt '?a?a?a?a?a?a?a?a?a'

-a 7

Code:

-a 7 -m 20 hash_with_salt1.txt '?a?a?a?a?a?a?a?a?a' file_containing_salt2.txt

or even

Code:

-a 3 -m 20 hash_with_salt1.txt '?a?a?a?a?a?a?a?a?asalt2'

Please try yourself which one is the fastest, I have a favorite... but I wanted to only show here that there are many options that an (advanced) *hashcat user should come up with.

Also, mask attacks of length 9 should not be the cleverest way to attack those hashes. It should be really the last thing you should try (in your list of attacks against this hash). Mask attack may only be an option (especially with that 9 random characters) if also the password is really random (the user didn't input the $pass)... or if (as already said) you really did already exhaust every other attack (wordlists, wordlists with rules etc).

Said that, there are many ways you can use to attack this hash without masks. For instance use multiple rules -r general.rules -r append_salt2.rule etc...
This and other possibilities were also mentioned a lot of times in the forum, so please use the forum search and wiki to find answers for wordlist-based attacks with rules that work with md5 ($salt1 . $pass . $salt2) etc