Suggest me some tips and good "small" wordlist for a Hybrid attack
#1
Question 
Lately I have realized that many dictionaries is not good , but better to focus on quality (I have around 40gb of useless dictionarys).

Now i think that the best way is to try a Hybrid attack with small wordlists with 4-5-6-7, and a digit mask (?)

Now some questions:
  • I have literally every wordlist on this planet (probably), can you now suggest some wordlist usefull with the Hybrid attack?
  • I'm working on DesUnix passw, should i also try dict+mask that try >8 characters?
  • Can you suggest some good rules over Base64?
  • For Hybrid attacks Dict+mask or mask+dict, what you suggest as mask and as dict words length? (this is the important question for me)

Whatever your help is well appreciated. Thanks!
#2
(04-07-2015, 11:09 AM)giog7789 Wrote: [*] I have literally every wordlist on this planet (probably), can you now suggest some wordlist usefull with the Hybrid attack?

A good wordlist for hybrid is rockyou.txt it's sorted by occurance so you can head -XXXX it to the size you want while keeping the quality. But that's actually not needed as it's not too big.

(04-07-2015, 11:09 AM)giog7789 Wrote: [*] I'm working on DesUnix passw, should i also try dict+mask that try >8 characters?

For descrypt it makes no sense to check any passwords length > 8. It will not work. However, check this article:

https://hashcat.net/wiki/doku.php?id=fre...em_instead

(04-07-2015, 11:09 AM)giog7789 Wrote: [*] Can you suggest some good rules over Base64?

A good new rule is dive.rule but its big!

(04-07-2015, 11:09 AM)giog7789 Wrote: [*] For Hybrid attacks Dict+mask or mask+dict, what you suggest as mask and as dict words length? (this is the important question for me)

For -a 6 I'm using -1 ?l?d?s ?1?1?1 as symbols are most of the time on the end of the password, like !!! or so
For -a 7 it's different, also note that the first char often is uppercased. I'd use something like -1 ?l?d?u ?1?1?1
#3
Thanks a lot Atom!

Last question.

Can i see the word hashcat is reading (trying) at a given time to see if I set everything well ?

(something like JtR do. Example: abcd90.....abcde01)
#4
No, mostly because with oclHashcat it's not a serial process, so there's no "current" password.