WPA2 crack rules
#1
Alright guys,

Need help to speed up cracking WPA2. I'm faced with a password that's 10^16, I know this particular UK router only works with hexadecimal to secure the wifi key which helps a lot as I know it's between 0 and f. From different homes and what not I have noticed that the units within the key doesn't repeat itself more than twice! 

My question is, is there away I can set a rule for oclhashcat not to use the same units more than twice when bruteforce attacking a password?  

Kind regards
#2
That's quite tricky. *hashcat has no functionality to archive this. You can try to use https://www.thesprawl.org/projects/pack/ to generate some mask files or try creating a specific wordlist for this somehow.
#3
That or, maskprocessor has a special option for this
#4
Thank you very much for the quick reply guys, much appreciated. I seem to have hit a brick wall with maskprocessor, I knocked up a bat file with the following command:
".\mp64.exe -1 ?dabcdef -r 2 ?a?a?a?a?a?a?a?a?a?a -o Hexpasswords
pause" 

The program seems to run and creates my Hexpasswords file but don't generate any passwords, I tried this without -r and I'm able to generate passwords. Have I used the command wrong or is there any known bugs with -r? I'm using v0.73.

Cheers for the link undeath, I haven't python or a linux box setup yet but I'll sort that out this weekend

Kind regards
#5
Because it's still generating the ~600 exabyte file you told it to?  95^10 * 10 bytes = 598736939238378906250 bytes.

Maybe you should use the custom charset you created instead of ?a:

mp64.exe -1 ?dabcdef -r 2 ?1?1?1?1?1?1?1?1?1?1 -o Hexpasswords

That will generate a much more manageable 10 terabyte password file. Good luck!

Strangely, I did notice that mp64 with a -r 2 setting won't repeat any characters at all!
e.g. mp64.exe -r 2 ?d?d -o num

I thought that 00, 11, 22, 33, etc. would be permitted, but nope:

...
09
10
12
13
...
#6
Also, don't use -o with maskprocessor for such huge files. There's no reason to do. You can simply pipe the output:

$ mp64 -1 ?dabcdef -r 2 ?1?1?1?1?1?1?1?1?1?1 | ./oclHashcat -m 2500 ...

That works on windows, too
#7
(10-16-2015, 10:29 AM)atom Wrote: Also, don't use -o with maskprocessor for such huge files. There's no reason to do. You can simply pipe the output:

$ mp64 -1 ?dabcdef -r 2 ?1?1?1?1?1?1?1?1?1?1 | ./oclHashcat -m 2500 ...

That works on windows, too

What about the maskprocessor -r 2 option that doesn't repeat any characters? As I said, I would've thought "-r 2 ?d?d" would permit 11, 22, etc. Is that a bug or am I missing something?