Posts: 18
Threads: 4
Joined: Sep 2011
10-06-2011, 09:01 AM
(This post was last modified: 10-06-2011, 09:34 AM by fast_checkmate.)
first of all, it's WPA/WPA2
I've know for sure the password starts with the letters "pr*******", it is in my dictionary, but suffers from digit mutation. How do i know that? I've tried a Elcomsoft WSA trial and he found it.
I've stripped down the dictionary i used only to have just the words that start with "pr" (approximately 21000 words)
How can i command hashcat to try all the words in the dictionary with digit mutations?
Also, where could i find some resources of making rules? i'm finding the provided help not enough
Thanks
PS.. generating a new dictionary using maskprocessor (mp64.exe -1 abcdefghijlmnoprstuv0123456789 pr?1?1?1?1?1?1?1) it's gonna give me a very large file..
Posts: 5,185
Threads: 230
Joined: Apr 2010
why generating a file? just pipe it.
mp64 -1 abcdefghijlmnoprstuv0123456789 pr?1?1?1?1?1?1?1 | oclHashcat-plus64 -m 2500 bla.hccap
Posts: 18
Threads: 4
Joined: Sep 2011
yes, but this is not the optimum solution..
there are 28+10 characters (letters + numbers) - 38^7 / 90000 c/s = 353 hours to run
EWSA runs the digit mutation + dictionary in less than 5 minutes (because it doesnt do all the 30^7 combinations)
i've made it in access : get my dictionary, create another one with numbers from 1 to 9999, and do a Cartesian multiply between those two.. i think i'll get lucky
Thanks
Posts: 5,185
Threads: 230
Joined: Apr 2010
i guess you explained yourself wrong. if you want to run a hybrid attack, you should use rules. you can generates rules with maskprocessor.
Posts: 18
Threads: 4
Joined: Sep 2011
is there a manual on how to create rules?
as i said, i want to combine all the words in the dictionary with numbers from 0 to 9999
aa0,aa1,aa2,....aa9999
ab0,ab1,ab2,....ab9999
ac0...
zz0,zz1,zz2,...zz9999
Posts: 5,185
Threads: 230
Joined: Apr 2010
yes, on inofficial wiki. its what i am currently working on but not open to public yet. guess you have to wait or search the web for an howto, there are many
Posts: 18
Threads: 4
Joined: Sep 2011
the unofficial wiki is for maskprocessor or hashcat? cand you give me a link?
Thanks
Posts: 4
Threads: 0
Joined: Sep 2011
@fast_checkmate,
Please by all means continue this thread so we all get answers and be sure to let us know either way so we can all learn. Google EWSA and Tsearch or try here
http://sethioz.co.uk/forum/viewtopic.php?f=47&t=471 I didn't read that thread but they all say more or less the same. It is a work around to get EWSA to show you the password even trial version. Sorry Atom quick simple solution until solved otherwise.
Posts: 5,185
Threads: 230
Joined: Apr 2010
Posts: 18
Threads: 4
Joined: Sep 2011
Thanks Rafe, your solution is good, i'm gonna give it a try
But i'm also interested in creating rules for hashcat..
Since it's (almost) impossible to crack 10 characters passwords using bruteforce and since nobody uses 10 random letters as a password, the combination of dictionary and rules is the best approach
Atom, thanks again for the software and we are waiting for the rules.. are they similar to john the ripper rules?
