Max Pass Length using Wordlists
#1
How do I set the maximum password length to say 16 characters? I'm using attack mode 1, two dictionary files.

I'm using Hashcat 4.0.1.

I checked --help and couldn't find what I'm looking for.
Reply
#2
Unless you're attacking a slow hash, it may not be worth skipping the longer files.

If it's a slow hash, you could use 'combinator' from hashcat-utils, and then pipe that through 'len' (also from hashcat-utils), to skip the candidates that are too long, and then pipe those to hashcat.
Reply
#3
(11-29-2017, 10:40 PM)royce Wrote: Unless you're attacking a slow hash, it may not be worth skipping the longer files.

If it's a slow hash, you could use 'combinator' from hashcat-utils, and then pipe that through 'len' (also from hashcat-utils), to skip the candidates that are too long, and then pipe those to hashcat.

It's not really a slow hash I guess, just slow to me. I like things to be instant lol.

I'm using a 1070 Ti.


Code:
Session..........: raw14
Status...........: Running
Hash.Type........: vBulletin < v3.8.5
Hash.Target......: hash.txt
Time.Started.....: Wed Nov 29 15:22:31 2017 (32 mins, 38 secs)
Time.Estimated...: Wed Nov 29 15:56:27 2017 (1 min, 18 secs)
Guess.Base.......: Mask (?1?1?1?1?1) [5], Left Side
Guess.Mod........: File (names.dic), Right Side
Guess.Charset....: -1 ?d-_., -2 Undefined, -3 Undefined, -4 Undefined
Speed.Dev.#1.....:  5025.0 MH/s (31.50ms)
Progress.........: 899055458509/1293873677954 (69.49%)
Candidates.#1....: -04711 -> 70_71moment
Reply
#4
So is there any way to change this?


Quote:hashcat (v4.0.1) starting...


* Device #1: WARNING! Kernel exec timeout is not disabled.
             This may cause "CL_OUT_OF_RESOURCES" or related errors.
             To disable the timeout, see: https://hashcat.net/q/timeoutpatch
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 1070 Ti, 2048/8192 MB allocatable, 19MCU

Hashes: 1647007 digests; 1647007 unique digests, 1 unique salts
Bitmaps: 18 bits, 262144 entries, 0x0003ffff mask, 1048576 bytes, 5/13 rotates

Applicable optimizers:
* Optimized-Kernel
* Zero-Byte
* Precompute-Init
* Precompute-Merkle-Demgard
* Meet-In-The-Middle
* Early-Skip
* Not-Salted
* Not-Iterated
* Single-Salt
* Raw-Hash

Password length minimum: 0
Password length maximum: 31

Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 75c

Dictionary cache hit:
* Filename..: names.dic
* Passwords.: 158399
* Bytes.....: 1586560
* Keyspace..: 2059187
Reply
#5
nope.
Reply
#6
Of course, just do not use -O
Reply
#7
but he wants to lower it!
Reply
#8
You could also just use reject rules from: https://hashcat.net/wiki/doku.php?id=rul...ect_plains

e.g.
Code:
hashcat -m 0 -a 0 -w 3 -j "<G" hashes.txt names.dic


note: that you must make sure that you escape the < (less than) symbol correctly within your shell command (this depends on your operating system and shell)
Reply