Posts: 3
Threads: 1
Joined: Feb 2018
02-06-2018, 03:25 AM
Hello, this is the first time I am using Hashcat so sorry if this ends up being a "noob" question. I got everything setup to try and crack an iTunes backup password and it is running, but very slowly. I used
this guide to get the hash, and then followed
this guide to get the command setup. Below you will see the command I used. I noticed that its set to try and crack passwords 0-256 char in length. I would like to change that to 8-14, alpha numeric without symbols. I have searched all over the web on how to change this, but can't seem to get the syntax right. I would really appreciate if someone could help me with this small part. Then I can try it again and hopefully it will reduce the amount of time (currently 7 years) down to something more reasonable like a few weeks.
![[Image: 1.png?access_token=1!IZLhkUoBYUbd-NfwFWW...ion=1.28.1]](https://public.boxcloud.com/api/2.0/internal_files/273930263581/versions/288272097337/representations/png_paged_2048x2048/content/1.png?access_token=1!IZLhkUoBYUbd-NfwFWW6Sj-HoIOVe64N2XP3FEDs13-NZQNP3-eTg6R_wAoCtx3Er-GlkQdTU-QTI24eIkNQ7AKZ71-c_QWWSLU1HxDtRjnyo2R8LhIK3FENbeqMG9wSpMnhNxE-eRAuI5kOHKWW8z_AM55iEOgE5WSKGLonVBBlfr_gMT4K0k9l1w6PrHkdYez7UvfhIo32f57fhVScJoPWJVi0VkBnwHAdmlT-ZiZtlp7AdrOVOXez1lZqhiiFLVXF4M9f-k7EnYrozQPOPjTr5YBbBqJmtyEvEk-FkUcKrfQHYtzBLax2kktKMSmzh6j2IfAqC6pu-E777K496NE0vHWz8oX2iAcGYt1kwgqImh_3bAjc9Hj1MF74jxsoN4oKNhpanLDSCA..&box_client_name=box-content-preview&box_client_version=1.28.1)
Thanks for any help the community can provide!
Posts: 930
Threads: 4
Joined: Jan 2015
02-06-2018, 03:35 AM
(This post was last modified: 02-06-2018, 03:51 AM by royce.)
Short answer: add the '-O' flag.
The default min and max lengths shown are very broad, and not as specific as any particular attack (though they do have broad impact on attack speed). It's about your *possible* length range, given the current kernel. By default, hashcat now allows these longer-length attacks by using kernels that permit it.
It's clear from your attack that you don't need the longer length. So to override the default, you can add the -O (capital letter O, same as "--optimized-kernel-enable") option to switch to optimized kernels, which are quite a bit faster and will match your attack better.
Most people will probably want to use -O most of the time (unless they know that longer passwords are in scope for the attack).
~
Posts: 3
Threads: 1
Joined: Feb 2018
Hi Royce, thanks for your fast reply. I tried adding -O to the end of the command but its still saying min 0, max 256.
Do I need to move the -O to somewhere else in the command?
Also how do I define the 8-14, alpha numeric without symbols?
Posts: 2,301
Threads: 11
Joined: Jul 2010
The min 0, max 256 is just technical information and not directly related to the actual password candidates processed.
Regarding the creation of masks see the wiki article:
https://hashcat.net/wiki/doku.php?id=mask_attack
However, doing a mask attack with such a large keyspace is not going to complete within your lifetime.
Posts: 3
Threads: 1
Joined: Feb 2018
Hi undeath thanks for that link, I have a much better understanding of how this works now.
You're right, its looking pretty much impossible to crack iTunes backup passwords unless I have any kind of clue as to what part of the password could be. At least it was a fun learning experience! Thanks for your help!
