Range for the mask
#1
There is an example of the password that the system creates

password|21|6|8|3|19|17|5|15|3|8|5|6|30|19|0|29|29|18|30|30|1|1|28|15|27|22|24|1|2|17|30|2017

hash md5: 38258CF3CCA96640A92B3DB1849B3F25

My need to make a mask from 0 to 30.
Tell me how you can do this mask.
Adding ?D is not an option, since it will be 99 values instead of 30

Please help implement this.
#2
https://hashcat.net/wiki/doku.php?id=mask_attack

Check the custom charsets section, you may be able to figure a way of doing it that way
#3
Yep,use custom charsets

Use:-1 0123 and -2 0123456789

Then use it by combining as:
password|?1?2|?1?2|…in the mask.
See the article given by TofuBoy for additional info.
#4
password?d?d?d?d with the --increment flag
#5
(10-23-2017, 05:58 PM)slayerdiangelo Wrote: Yep,use custom charsets

Use:-1 0123 and -2 0123456789

Then use it by combining as:
password|?1?2|?1?2|…in the mask.
See the article given by TofuBoy for additional info.

Good idea, I thought in this direction, but tell me the first value of 0 it has 1 character, how to add a condition, to get the value 0 instead of 00
Example:
Code:
hashcat64 -a 3 -m 0  -w  4 -1 123 -2 0123456789 38258CF3CCA96640A92B3DB1849B3F25  "password|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|?1?2|2017"

Get the values
00
01
12
..
39

need
0
1
2
..
9
10
11
..
30
#6
That's gonna be a problem…
Will you be able to say where this one digit number gonna come at? or is it random?
#7
(10-24-2017, 04:50 AM)slayerdiangelo Wrote: That's gonna be a problem…
Will you be able to say where this one digit number gonna come at? or is it random?

|Random number from 0 to 30|
#8
First of all, I do not understand what this notation means:
Quote:password|21|6|8|3|19|17|5|15|3|8|5|6|30|19|0|29|29|18|30|30|1|1|28|15|27|22|24|1|2|17|30|2017

does this mean your password candidates consist of 31 random 1- or 2-digit numbers (21 and 6 and 8 and 3 and ... and 30)? only "password" and "2017" are fixed?
This is of course infeasible to brute-force... way too large keyspace.

Let me, instead, explain a strategy which can be used to bruteforce a string containing digits from 0-30 with a feasible keyspace:

Let's assume we have always 4 random number that can be 1 or 2 digits long and are separated by a dash ("-").
Examples:
6-1-9-3
0-30-2-12
25-1-27-8
16-23-4-14
20-7-30-29
11-13-22-17

You can use a hcmask file https://hashcat.net/wiki/doku.php?id=mas...mask_files that will cope all these passwords/keyspace (you can test it also with hashcat's --stdout command line option):
my.hcmask
Code:
# no day of month > 9:
?d-?d-?d-?d

# one day of month > 9:
12,?1?d-?d-?d-?d
12,?d-?1?d-?d-?d
12,?d-?d-?1?d-?d
12,?d-?d-?d-?1?d

# two days of month > 9:
12,?1?d-?1?d-?d-?d
12,?1?d-?d-?1?d-?d
12,?1?d-?d-?d-?1?d

12,?d-?1?d-?1?d-?d
12,?d-?1?d-?d-?1?d

12,?d-?d-?1?d-?1?d

# three days of month > 9:
12,?1?d-?1?d-?1?d-?d
12,?1?d-?1?d-?d-?1?d
12,?1?d-?d-?1?d-?1?d
12,?d-?1?d-?1?d-?1?d

# four days of month > 9:
12,?1?d-?1?d-?1?d-?1?d

# special cases with day 30 (optimized):
# a single 30:
30-?d-?d-?d
?d-30-?d-?d
?d-?d-30-?d
?d-?d-?d-30

# max two times 30:
12,30-?1?d-?d-?d
12,?1?d-30-?d-?d
12,30-30-?d-?d

12,30-?d-?1?d-?d
12,?1?d-?d-30-?d
12,30-?d-30-?d

12,30-?d-?d-?1?d
12,?1?d-?d-?d-30
12,30-?d-?d-30

12,?d-30-?1?d-?d
12,?d-?1?d-30-?d
12,?d-30-30-?d

12,?d-30-?d-?1?d
12,?d-?1?d-?d-30
12,?d-30-?d-30

12,?d-?d-30-?1?d
12,?d-?d-?1?d-30
12,?d-?d-30-30

# max three times 30:
12,30-?1?d-?1?d-?d
12,?1?d-30-?1?d-?d
12,?1?d-?1?d-30-?d

12,30-30-?1?d-?d
12,30-?1?d-30-?d
12,?1?d-30-30-?d

30-30-30-?d

12,30-?1?d-?d-?1?d
12,?1?d-30-?d-?1?d
12,?1?d-?1?d-?d-30

12,30-30-?d-?1?d
12,30-?1?d-?d-30
12,?1?d-30-?d-30

30-30-?d-30

12,30-?d-?1?d-?1?d
12,?1?d-?d-30-?1?d
12,?1?d-?d-?1?d-30

12,30-?d-30-?1?d
12,30-?d-?1?d-30
12,?1?d-?d-30-30

30-?d-30-30

12,?d-30-?1?d-?1?d
12,?d-?1?d-30-?1?d
12,?d-?1?d-?1?d-30

12,?d-30-30-?1?d
12,?d-30-?1?d-30
12,?d-?1?d-30-30

?d-30-30-30

# max four times 30:
12,30-?1?d-?1?d-?1?d
12,?1?d-30-?1?d-?1?d
12,?1?d-?1?d-30-?1?d
12,?1?d-?1?d-?1?d-30

12,30-30-?1?d-?1?d
12,30-?1?d-30-?1?d
12,30-?1?d-?1?d-30

12,?1?d-30-30-?1?d
12,?1?d-30-?1?d-30
12,?1?d-?1?d-30-30

12,30-30-30-?1?d
12,30-30-?1?d-30
12,30-?1?d-30-30
12,?1?d-30-30-30

30-30-30-30

in theory you could use the custom charset also like this: --custom-charset1 123 instead of --custom-charset1 12 (and the additional special cases), but the problem with that approach is that it will also try dates 31, 32, 33... 39 (which is not what we want).
The problem with hard-coding 30 within the mask could be that it could be slower than just running --custom-charset 123 instead, because masks with less constant strings can be accelerated much better.

The idea should be very clear and this hcmask can be automatically generated by a simple script (or perl/python code etc), but it's also that easy that you can just do it by hand.
Of course, if it get's much larger, this will be also very difficult to write down/generate... the keyspace must be feasible of course