proper use of increment option
#1
I'm using hashcat installed via homebrew on my macbook pro 10.11.6 on a series of WPA hccapx files, and I want to use the `--increment` options. the syntax i'm using is

Code:
hashcat -m 2500 -a3 --increment --increment-min 8 --increment-max 10 /Users/ldawg/crack/Dumps/DumpLogAAA-2.hccapx ?d?d?d?d?d?d?d?d?d?d?d

i've tried rotating the switches, removing --increment-min 8, inserting = signs after min and max, and reducing the mask to only eight ?d?d?d?d?d?d?d?d. Each time, I get the same results, namely:

"Password length minimum: 8
Password length maximum: 63"

The output suggests the min-max options aren't recognized, but apart from that, the commands work fine and return no errors. It's as if the min-max options don't work for me. This isn't just on my mac, but on my The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) linux too I get the same results. I've read the pertinent FAQs and scoured the forum for --increment usage. I tend not to think this functionality is broken, so please forgive my ignorance and help me better understand the proper syntax.
#2
We need to distinguish between the minimum and maximum password length supported by the algorithm and OpenCL kernels ... and the settings the user sets (with --increment-max for instance).

What you quoting is the supported length by the algorithm and OpenCL kernel (this normally changes when the user uses -O, but for -m 2500 and other algorithms it is behaving different again, mainly because they are slow hashes and there is almost no difference between full-length kernels and limited-length kernels etc).

You could troubleshoot your "problem" (which basically is just a misunderstanding) by playing around with --stdout:

Code:
hashcat --stdout -a 3 --increment --increment-min 2 --increment-max 3 ?d?d?d?d

You will notice that the length of the words in the output are only 2 and 3 digits long (even if the max is longer)... the same happens with longer masks (but of course they would take longer to generate).
#3
The "min-max" options are used for the mask, therefore looks good to me (since WPA is also limited to a min of 8).
#4
(11-26-2017, 10:10 AM)atom Wrote: The "min-max" options are used for the mask, therefore looks good to me (since WPA is also limited to a min of 8).

Thanks for the feedback, but it's still unclear to me how to properly set the increment max to 10 characters (which, in my case, aims for a max of 10 numerical digits).
#5
I believe what atom and philsmd are saying is that your syntax is correct.  The 8 and 63 numbers that you are seeing shows you what the min and max size is for WPA in general.  That's different than the min and max size of the candidates you want to produce based on your syntax.
#6
(11-27-2017, 01:12 AM)catwoman Wrote: Thanks for the feedback, but it's still unclear to me how to properly set the increment max to 10 characters (which, in my case, aims for a max of 10 numerical digits).

You had it correct, but your command can be simplified to just:

Code:
hashcat -m 2500 -a 3 -i /Users/ldawg/crack/Dumps/DumpLogAAA-2.hccapx ?d?d?d?d?d?d?d?d?d?d

WPA has a minimum password length of 8 characters, so specifying ''--increment-min 8'' is a no-op -- it will automatically start incrementing at length 8. And if you make your mask exactly 10 positions long, then ''--increment-max 10'' is a no-op as well.
#7
(11-27-2017, 01:49 AM)epixoip Wrote:
(11-27-2017, 01:12 AM)catwoman Wrote: Thanks for the feedback, but it's still unclear to me how to properly set the increment max to 10 characters (which, in my case, aims for a max of 10 numerical digits).

You had it correct, but your command can be simplified to just:

Code:
hashcat -m 2500 -a 3 -i /Users/ldawg/crack/Dumps/DumpLogAAA-2.hccapx ?d?d?d?d?d?d?d?d?d?d

WPA has a minimum password length of 8 characters, so specifying ''--increment-min 8'' is a no-op -- it will automatically start incrementing at length 8. And if you make your mask exactly 10 positions long, then ''--increment-max 10'' is a no-op as well.

Excellent, many thanks for clarifying. In yall's opinions, would it be worth putting in a feature request that better clarifies this in the command output?