Custom symbol character set
#1
Problem 1: I've got a mask file I'm trying to use a custom character set for the symbols, but keep getting a syntax error. Basically I want to use the ?s, but I know there are no spaces, so what do I need to do?

Problem 2: I've trying using the -1 on the command line with the mask file, but apparently that's not supported. Short of adding the 1st custom character set to each line in my mask file, is there any global way to set ?1 for the entire file without adding it to every line that needs it (which is all of them)?
#2
The syntax is explained here:
https://hashcat.net/wiki/?id=mask_attack...mask_files

(and also within the FAQ: https://hashcat.net/wiki/doku.php?id=fre..._mask_file)

#1 if you want to use a custom charset without spaces, just use something like this:
Quote:!"#$%&'()*+\,-./:;<=>?@[\]^_`{|}~,?a?a?a?a?1
where !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~ is defined as your custom charset 1 (-1 or --custom-charset1) and ?a?a?a?a?1 is your mask (which is using ?1)

#2 the custom charsets must be defined within the .hcmask file for each line that uses custom charsets (remember: previous versions of hashcat did have this "feature" to be able to use the custom charset defined on the command line and/or the default custom charsets, but users were utterly confused about this... whenever they forgot to set the correct custom charset within the line, they reported problems with "unexpected" behaviour... "hashcat doesn't work correctly, it uses the wrong mask". The way it currently is, it will give you a clear error message that you should tell hashcat what custom charsets you want to use for each mask).
#3
#2 - That's what I was afraid of. Oh well, nothing a find and replace can't fix.

#1 - Your line looks like what I tried, but it doesn't work. I had figured out I need to escape the comma (the error message is different if you don't), but that didn't work and the wiki didn't really cover this, so I finally posted. Here's a line from my hcmask file (the $1 is the last character):

    !"#$%&'()*+\,-./:;<=>?@[\]^_`{|}~,?d?d?d?d?l?u?l?u?l?1

Comparing your suggested character set (bottom) to mine (top), they look identical:

    !"#$%&'()*+\,-./:;<=>?@[\]^_`{|}~
    !"#$%&'()*+\,-./:;<=>?@[\]^_`{|}~

But when I run this, I get (hashcat 3.6.0):

    Watchdog: Temperature retain trigger set to 75c

    Syntax error: !"#$%&'()*+,-./:;<=>?@[]^_`{|}~

I do notice two things in the error message - 1 the comma escape is gone but that's probably OK, and 2 the literal backslash is gone too, the one between []. Changing the section [\] to [\\] gets rid of the second issue, but I still get a syntax error.

Even when I escape every symbol, I still get the syntax error.
#4
oh, you are right. I actually didn't test it and just noticed the , (the only thing that I escaped).

The correct syntax, according to the custom charset definition wiki is that you also have to escape all question mark (?? means literal ?, such that someone can write ??1 for a literal "?1" etc)

the working line is this:
Quote:!"#$%&'()*+\,-./:;<=>??@[\\]^_`{|}~,?d?d?d?d?l?u?l?u?l?1

Again, this is all mentioned within the wiki. My mistake was to just copy paste the characters from ?s and only remove the space and escape the "," (I should have also escaped the ? with ??).
#5
Thank you. That works for me too. I guess my mistake was missing the ?? . Funny that you can't escape the ? with a \ like this \? . So \ isn't a universal escape character...
#6
Yeah, that's true that there are 2 different escaping rules.

The one about the masks (?? for a literal "?") was always there: see https://hashcat.net/wiki/?id=mask_attack#masks
This is also how it works (and always worked) if you set a custom charset on the command line directly. e.g:
Quote:hashcat -m 0 -a 3 -2 ?? hash.txt ?2
or a mask directly on the command line:
Quote:hashcat -m 0 -a 3 hash.txt ??


The \#, \, etc escaping was introduced when support for .hcmask files was added and by the time it felt to be the most frequently used one (also for other projects/standards) and easiest to understand.

It's true that in theory one single type of escaping and therefore a smaller/easier set of rules would maybe be possible if you design the whole syntax of both (custom charsets/masks and .hcmask files) today.

In my opinion it's not too much of a problem. Changing it would make a lot of .hcmask and commands unusable.
It's actually easy to think like this: whenever I put a literal ? I need to prepend another ? to make it ?? to diffentiate it from ?1/?2/?3/?4. This is true for masks/custom charsets, both within .hcmask files and also directly on command line. In addition to that we have to escape a "#" with "\#" if we want to have it at the beginning of the line and we need to escape all commas with "\," if we want the literal comma.