02-08-2015, 08:22 PM
Is it possible to crack a 10 characters password given that it will only be made out of lower and uppercase english letters?
|
Is it even possible?
|
02-08-2015, 08:37 PM
02-08-2015, 09:19 PM
Well, the character set is 26+26 = 52. Ten characters is 52^10 = 144,555,105,949,057,024 possible passwords. At 10m/sec (which is very low depending on the hash), ~458 years.
BUT...10m/sec is low for many types of hashes*, even using a cpu. Also, wordlists, if it is based on a dictionary word, are many times more efficient than brute forcing it. As for the mask, just use a variable, e.g. -2 ?l?u ?2?2?2?2?2?2?2?2?2?2 -- *Many, but not all. Depends on the hash.
02-08-2015, 09:32 PM
(02-08-2015, 09:19 PM)rsberzerker Wrote: Well, the character set is 26+26 = 52. Ten characters is 52^10 = 144,555,105,949,057,024 possible passwords. At 10m/sec (which is very low depending on the hash), ~458 years. well thx  before i get possibly too annoying, i am having trouble making the mask.An example of the password i am trying to crack would be 22-aBcdEfgGid I do not know where the caps will be nor what the number at the start is so far i have ?d?d"-"<the salt> how do i mask the salt?
02-08-2015, 09:55 PM
Ok i got the hang of the mask and now it says i need to wait 10 years -.-
02-08-2015, 10:01 PM
Sorry for spamming but is there a way to ask hashcat to crack on the first digits and not the salt? because it seems i can make use of -m 1410 which says Sha256(pass.salt) i only want the first 2 numbers what do i do?
02-08-2015, 11:49 PM
If you have the hash, you should have the salt too. Hashcat (and oclhashcat), given the right -m parameter, will automatically use the salt. You don't need to crack that.
02-09-2015, 07:22 PM
|
|
« Next Oldest | Next Newest »
|
