How to change password length (min/max)
#1
Question 
Hello, this is the first time I am using Hashcat so sorry if this ends up being a "noob" question. I got everything setup to try and crack an iTunes backup password and it is running, but very slowly. I used this guide to get the hash, and then followed this guide to get the command setup. Below you will see the command I used. I noticed that its set to try and crack passwords 0-256 char in length. I would like to change that to 8-14, alpha numeric without symbols. I have searched all over the web on how to change this, but can't seem to get the syntax right. I would really appreciate if someone could help me with this small part. Then I can try it again and hopefully it will reduce the amount of time (currently 7 years) down to something more reasonable like a few weeks.

[Image: 1.png?access_token=1!IZLhkUoBYUbd-NfwFWW...ion=1.28.1]

Thanks for any help the community can provide!
Reply
#2
Short answer: add the '-O' flag.

The default min and max lengths shown are very broad, and not as specific as any particular attack (though they do have broad impact on attack speed). It's about your *possible* length range, given the current kernel. By default, hashcat now allows these longer-length attacks by using kernels that permit it.

It's clear from your attack that you don't need the longer length. So to override the default, you can add the -O (capital letter O, same as "--optimized-kernel-enable") option to switch to optimized kernels, which are quite a bit faster and will match your attack better.

Most people will probably want to use -O most of the time (unless they know that longer passwords are in scope for the attack).
Reply
#3
Hi Royce, thanks for your fast reply. I tried adding -O to the end of the command but its still saying min 0, max 256.
Do I need to move the -O to somewhere else in the command?
Also how do I define the 8-14, alpha numeric without symbols?
Reply
#4
The min 0, max 256 is just technical information and not directly related to the actual password candidates processed.

Regarding the creation of masks see the wiki article: https://hashcat.net/wiki/doku.php?id=mask_attack

However, doing a mask attack with such a large keyspace is not going to complete within your lifetime.
Reply
#5
Hi undeath thanks for that link, I have a much better understanding of how this works now.
You're right, its looking pretty much impossible to crack iTunes backup passwords unless I have any kind of clue as to what part of the password could be. At least it was a fun learning experience! Thanks for your help!
Reply