Which way is faster
#1
If i have a password for instance "zxcghj12"
which way will crack it faster?
creating a wordlist for 8 chars pass is too big
bruthforce 8 char with 6 letters and 2 digits is lots of passwords to try 
other way is using mask with ?l?l?l?l?l?l?d?d
which way is the fastest to go?
lets assume that zxcghj is not in the wordlist
#2
If you want to do BF, use -a 3, not -a 0
#3
(03-31-2017, 03:41 PM)atom Wrote: If you want to do BF, use -a 3, not -a 0

Yes i know that
but which way hashcat is faster?
using dictionary list?
using bruth force?
or a mask attack mode?
password example is "zxcghj12"
#4
(04-02-2017, 09:21 AM)Dot Wrote:
(03-31-2017, 03:41 PM)atom Wrote: If you want to do BF, use -a 3, not -a 0

Yes i know that
but which way hashcat is faster?
using dictionary list?
using bruth force?
or a mask attack mode?
password example is "zxcghj12"

A dictionary attack would be faster, but only if the dictionary contains that password.  If you brute force that mask, ?l?l?l?l?l?l?d?d, then that is still fast, but only because it ends in two numbers.

You can brute force an 8-character password, but only for fast hashes.  It is not time efficient for most hash types.

For this particular type of password, which has consecutive sequences of keyboard keys in it, you could make a password file that has those 3-letter or 4-letter sequences, combinate them together and then add your favorite rules on the result of those combinations.  This particular password would break very quickly.

Answer these questions and you will be closer to your answer.

For a mask attack, how many characters will be tried for that mask, "?l?l?l?l?l?l?d?d"?
How many characters will be tried in the 7th and 8th positions if they are digits instead of letters or special characters?
What hash type are you using and how fast can hashcat try combinations against that hash type?
#5
Thanx for you answer
the password is just an example of random letter and 2 digits just that its not a real word
so it probably wont be in a word list. so a combination of this 3 letters is not an option.
so the options are to make a world list for 8 chars with 6 letters and 2 digits which is over a few millions i guess.
the other option is to use a mask of ?l?l?l?l?l?l?d?d
the hash is md5.
so thats what i want to know is hashcat using the GPU will be fast running a wordlist or trying masks.
wordlist against mask mode which one is faster for md5 hash
#6
Well, the following facts should be very obvious but maybe you are asking for them:
- if the dictionary is very small and dedicated a word list attack (-a 0) would be smarter/better
- if a dictionary contains a lot of garbage or randomly generated "passwords", mask attack (-a 3) would be smarter/better
- in general, if the dictionary is very huge and contains almost the same amount of password candidates that would be generated by mask attack, then mask attack (-a 3) would be smarter/better
- whenever you can avoid disk IO (very slow compared to on-the-fly password candidate generation!) but still can attack the hash very well with a very special/dedicated mask, go for the mask attack (-a 3)
- dictionary attack (-a 0) is always smarter if you need to generate password candidates (with rules etc) based on some specific words (and apply rules on them)
- brute-force is almost always the last thing you should try, i.e. you should either run very specific mask(s) or apply rules on some base words (attention: there are exceptions because there are some other attack modes that hashcat supports and sometimes are much more clever, like dict + mask, mask + dict, dict1 + dict2, etc)
- even with the fastest SSD you won't be faster @ generating/loading password candidates (compared to mask attack), so do not think about "hey, I can precompute this, I just need a huge SSD" (it doesn't work like this). The password candidates need to be loaded from the disk and transfered to your GPUs, this makes it much slower than mask attack
...

So, as you can see it all depends on your situation... but one thing is very obvious, generating very huge dicts shouldn't be done! It's much slower and you even need a lot of time to generate them and a lot of disk space.

Hope this helps a little bit
#7
Yes
than that helps a lot
so if i dont have a clue what the pass is but i know that it most be 8 char and i know the last 2 are digits
its better to use the mask then create a huge word list with every possible 6 chars and 2 digits right?
#8
yes, definitely