Seeking Sensei
#1
Hello folks,

new here and glad to be on board.... let me start off by saying that Hashcat is the BOMB!!....though I currently fail to fully grasp it, I understand its flexibility and sheer genius....

I'm here today as a disciple seeking a master to teach me the ways of the crack (cough, cough Atom, Epixoip cough.....yes I've done my pre-reading...notably over the issue of selling cracking rigs without really having the knowledge of how they work (loal)... I must say I was rather touched by how Epixoip defends this community...GOODONYA!)

.....we all know that the true art of password cracking is not the magic of hashcat but rather everything in between that moment you capture a handshake and the end when hashcat spits out the code thanks to the mask/dic./policy/rules the user....used...

I've been able to run some simple dictionary attacks and masks but I'm a little at a loss on the following.....

Question 1

say Jeff decides to set up a new wifi network with WPA2 encryption.... we know that the key needs to be at least 8 digits long.....Jeff is rather lazy and has the memory span of a goldfish so he decides to use "jeff2017"(8digits) as his passphrase...

his mischievous neighbor Billy does not know that the new neighbor is called Jeff but decides to attempt to crack the handshake by appending 2017 to an alpha combination.....

how would he get by doing this? how does one tell hashcat to try and combine a minimum of 4 letters and 2017?

I realize the simple mask would be hashcat -a 3 -m 2500 <hash> ?l?l?l2017 -o bla bla bla

but what if the code was "tommy2017"(9 digits)? does Billy have to retype the command adding a new letter variable every time?

if I'm not mistaken this is what the increment option is for.... but when I try to increment something like this...

hashcat -a 3 -m 2500 <hash> ?l?l?l?l?l?l?l2017 -i -o bla bla bla

hashcat will literally go through all of the letter variables before appending the 2017 to them, whereas I would like it to try 4 letters + 2017 then try 5 letters + 2017 and so forth.....

do I need to do a hybrid attack in this case?

Question 2

in the case of a straight dictionary attack how do I filter out words that are not at least 8 digits long?

Question 3

I'm a little confused as to what policy vs maskgen does and how they work, if someone could enlighten me on the matter it would be much appreciated....


Thank you for your work and this program and thank you in advance for your help

regards
Jeff (huh?....what am I doing here?)
#2
So, if you really want to learn from me, I am doing a free* training class at CircleCityCon this weekend on June 10. There are still four open seats. https://circlecitycon.com/news/glossary/...ike-a-pro/

But to quickly answer each question:

1 - wordlist + rules, or hybrid
2 - len.bin or awk
3 - maskgen generates a probabilistic hcmask file. policygen generates an hcmask file based on password complexity requirements.

* Conference tickets are $150, and there's an additional $15 fee to register for the class to prevent people from signing up but not attending. But I am not getting paid for the training, I'm doing it for free.
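
The length filter from answer 2 ("len.bin or awk"), written out with awk as an added example that is not part of the original post. It assumes a WPA2 passphrase is 8 to 63 printable ASCII characters; the function name `filter_wpa_len` and the sample words are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): keep only wordlist entries that could
# be a WPA2 passphrase. Assumption: 8 to 63 printable ASCII characters.

# filter_wpa_len [min] [max]
# Reads candidate words on stdin, writes the usable ones to stdout.
filter_wpa_len() {
    # LC_ALL=C makes length() count bytes and keeps the range [ -~] bytewise.
    LC_ALL=C awk -v min="${1:-8}" -v max="${2:-63}" '
        {
            sub(/\r$/, "")                # strip the CR left by Windows-edited lists
            n = length($0)
            if (n < min || n > max) next  # outside the passphrase length range
            if ($0 ~ /[^ -~]/) next       # contains a byte outside printable ASCII
            if (!seen[$0]++) print        # drop duplicates, keep the first occurrence
        }'
}

# Constructed sample input: too short, CRLF-terminated, duplicate, embedded tab.
printf 'jeff\njeff2017\r\ntommy2017\njeff2017\nshort7!\npass\tword1\n' | filter_wpa_len
```

On a real list the call is `filter_wpa_len < wordlist.txt > wordlist_8-63.txt`, with both file names being placeholders.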
#3
As much as I would love to be physically present at your course I currently reside in continental Europe, so sadly, that's a no go....but best of luck and thank you for the swift reply. I'll do some research on those terms you threw at me