smart bruteforce

[bobva]

i want to crack a password with this rules:
the len for the password is 8-9
the order of the letter is:
0-9: 0-3 chars
a-z:3-5 chars
A-Z: 1 char
!@#$%^ : 0-2 char

for example (Azsx@2#3)
i dont want to do a bruteforce for 0-9,a-z,A-z,!@#$%^ with len 8-9... this is a lot of years...

how can i make this rules in hashcat?

thank u
bob

[undeath]

Create multiple masks that cover all possibilities and put them into a hcmask file.

[kartan]

I know what you want to do but there is no completely straight forward method in achieving this as of now.
For that one example attack you posted I personally would probably go by undeath's method and generate every possible mask. However you can also take a look at statsprocessor. The default chain hashcat.hcstat which is derived from rockyou should give you like 70-80% of what you want. The benefit of this method is that your attack doesn't stop when the masks are exhausted, they just go all the way till the keyspace is exhausted if you so wish. Depending on your "mask" you might cook up a special hcstat to push your desired candidates to the top.

[undeath]

so i was a bit bored. http://pastebin.com/6xYxPPZ8

[kartan]

saved that shit

[bobva]

so i was a bit bored. http://pastebin.com/6xYxPPZ8

Thanks very much for this code, how can i ran this python on hashcat??

[bobva]

so i was a bit bored. http://pastebin.com/6xYxPPZ8

i make a hcmask file with your python.
but i get ?l?l?l?l?l?u?s?s in the first line

if a run the hash cat with this mask file the hashcat try to crack only this order... like aaaaaA@#
and dont try aaaaa@A#

how can i make all the option

thank u

[undeath]

You seem to be using the word "order" wrongly which led to some confusion. If you want to match a password policy have a look at PACK https://thesprawl.org/projects/pack/

[ciphercodes]

Try this..

Code:

?d?d?d?l?l?l?l?l?u
?d?d?d?l?l?l?l?u
?d?d?d?l?l?l?l?u?s
?d?d?d?l?l?l?u?s
?d?d?d?l?l?l?u?s?s
?d?d?l?l?l?l?l?u
?d?d?l?l?l?l?l?u?s
?d?d?l?l?l?l?u?s
?d?d?l?l?l?l?u?s?s
?d?d?l?l?l?u?s?s
?d?l?l?l?l?l?u?s
?d?l?l?l?l?l?u?s?s
?d?l?l?l?l?u?s?s
?l?l?l?l?l?u?s?s

[bsec]

Generated using policygen.py from PACK, hcmask file: https://www.sendspace.com/file/c1pnfq

$ wc -l bobva.hcmask
24234 bobva.hcmask

random lines:

?d?d?d?l?l?d?l?u
?d?d?d?l?l?d?u?l
?d?d?d?l?l?l?d?u
?d?d?d?l?l?l?l?u
?d?d?d?l?l?l?u?d
?d?d?d?l?l?l?u?l
!@#$%^,?d?d?d?l?l?l?u?1
!@#$%^,?d?d?d?l?l?l?1?u
?d?d?d?l?l?u?d?l
?d?d?d?l?l?u?l?d
?d?d?d?l?l?u?l?l
!@#$%^,?d?d?d?l?l?u?l?1
!@#$%^,?d?d?d?l?l?u?1?l
!@#$%^,?d?d?d?l?l?1?l?u
!@#$%^,?d?d?d?l?l?1?u?l
!@#$%^,?1?1?u?l?l?d?l?d?l
!@#$%^,?1?1?u?l?l?d?l?l?d
!@#$%^,?1?1?u?l?l?d?l?l?l
!@#$%^,?1?1?u?l?l?l?d?d?d
!@#$%^,?1?1?u?l?l?l?d?d?l
!@#$%^,?1?1?u?l?l?l?d?l?d
!@#$%^,?1?1?u?l?l?l?d?l?l
!@#$%^,?1?1?u?l?l?l?l?d?d
!@#$%^,?1?1?u?l?l?l?l?d?l
!@#$%^,?1?1?u?l?l?l?l?l?d