hashcat Forum Deprecated; Previous versions Old oclHashcat Support v
WPA2 crack rules

Threaded Mode
WPA2 crack rules
Hatman Offline
Junior Member
**
Posts: 2
Threads: 1
Joined: Oct 2015
#1
10-13-2015, 12:51 AM
Alright guys,

Need help to speed up cracking WPA2. I'm faced with a password that's 10^16, I know this particular UK router only works with hexadecimal to secure the wifi key which helps a lot as I know it's between 0 and f. From different homes and what not I have noticed that the units within the key doesn't repeat itself more than twice! 

My question is, is there away I can set a rule for oclhashcat not to use the same units more than twice when bruteforce attacking a password?  

Kind regards
Find
undeath Offline
Sneaky Bastard
******
Posts: 2,301
Threads: 11
Joined: Jul 2010
#2
10-13-2015, 12:46 PM
That's quite tricky. *hashcat has no functionality to archive this. You can try to use https://www.thesprawl.org/projects/pack/ to generate some mask files or try creating a specific wordlist for this somehow.
Find
atom Offline
Administrator
*******
Posts: 5,185
Threads: 230
Joined: Apr 2010
#3
10-14-2015, 09:27 AM
That or, maskprocessor has a special option for this
Website Find
Hatman Offline
Junior Member
**
Posts: 2
Threads: 1
Joined: Oct 2015
#4
10-15-2015, 10:11 PM
Thank you very much for the quick reply guys, much appreciated. I seem to have hit a brick wall with maskprocessor, I knocked up a bat file with the following command:
".\mp64.exe -1 ?dabcdef -r 2 ?a?a?a?a?a?a?a?a?a?a -o Hexpasswords
pause" 

The program seems to run and creates my Hexpasswords file but don't generate any passwords, I tried this without -r and I'm able to generate passwords. Have I used the command wrong or is there any known bugs with -r? I'm using v0.73.

Cheers for the link undeath, I haven't python or a linux box setup yet but I'll sort that out this weekend

Kind regards
Find
rico Offline
Member
***
Posts: 230
Threads: 4
Joined: Aug 2015
#5
10-15-2015, 10:52 PM
Because it's still generating the ~600 exabyte file you told it to?  95^10 * 10 bytes = 598736939238378906250 bytes.

Maybe you should use the custom charset you created instead of ?a:

mp64.exe -1 ?dabcdef -r 2 ?1?1?1?1?1?1?1?1?1?1 -o Hexpasswords

That will generate a much more manageable 10 terabyte password file. Good luck!

Strangely, I did notice that mp64 with a -r 2 setting won't repeat any characters at all!
e.g. mp64.exe -r 2 ?d?d -o num

I thought that 00, 11, 22, 33, etc. would be permitted, but nope:

...
09
10
12
13
...
Find
atom Offline
Administrator
*******
Posts: 5,185
Threads: 230
Joined: Apr 2010
#6
10-16-2015, 10:29 AM
Also, don't use -o with maskprocessor for such huge files. There's no reason to do. You can simply pipe the output:

$ mp64 -1 ?dabcdef -r 2 ?1?1?1?1?1?1?1?1?1?1 | ./oclHashcat -m 2500 ...

That works on windows, too
Website Find
rico Offline
Member
***
Posts: 230
Threads: 4
Joined: Aug 2015
#7
10-16-2015, 05:59 PM
(10-16-2015, 10:29 AM)atom Wrote: Also, don't use -o with maskprocessor for such huge files. There's no reason to do. You can simply pipe the output:

$ mp64 -1 ?dabcdef -r 2 ?1?1?1?1?1?1?1?1?1?1 | ./oclHashcat -m 2500 ...

That works on windows, too

What about the maskprocessor -r 2 option that doesn't repeat any characters? As I said, I would've thought "-r 2 ?d?d" would permit 11, 22, etc. Is that a bug or am I missing something?
Find