Posts: 9
Threads: 3
Joined: Apr 2018
Hi, I'm trying to crack a handshake using a brute-force attack. I know the password has 12 characters uppercase+numbers, which is a lot of permutations, but I also know that all the characters in the password are unique, so I don't want hashcat wasting its energy going through passwords with duplicate chars. Is there a rule or function I can use? I didn't find any in the wiki.
Here's my code so far...
hashcat64.exe -m 2500 -a 3 capture.hccapx -1 ?u?d ?1?1?1?1?1?1?1?1?1?1?1?1
I appreciate any help!
Posts: 930
Threads: 4
Joined: Jan 2015
04-22-2018, 07:51 PM
(This post was last modified: 04-22-2018, 07:55 PM by royce.)
I encourage you to calculate how much of a difference in total keyspace this would make - and how long your attack will take even if these duplicates were removed.
Here is a value that might be helpful with your calculation.
Code:
$ mp64 --combinations -1 ?u?d ?1?1?1?1?1?1?1?1?1?1?1?1
4738381338321616896
This - (26+10)^12 - is how many guesses it will take to exhaust the keyspace.
Taking this number, and dividing it by hashes/second rate of your platform, should make it clear that your attack, even if you could cut the time in half (which would be much better than the keyspace reduction you're trying to do), will take a very very long time to run.
But I still encourage you to do the math for yourself, because it's hard to assimilate/believe until you do it yourself. Always do the math.
~
Posts: 2,301
Threads: 11
Joined: Jul 2010
04-22-2018, 08:25 PM
(This post was last modified: 04-22-2018, 08:27 PM by undeath.)
(04-22-2018, 07:51 PM)royce Wrote: even if you could cut the time in half (which would be much better than the keyspace reduction you're trying to do), will take a very very long time to run.
Actually, if my math isn't off, it would cut the attack space almost by eight. However, your point still stands. The attack space is way too large.
36! / (36-12)! / 4738381338321616896 ~ 0.127
Posts: 930
Threads: 4
Joined: Jan 2015
Yep, that looks right to me. I need to upgrade napkins.
~
Posts: 9
Threads: 3
Joined: Apr 2018
Yeah, I was just using a general example and didn't realize that a 12 char passcode would take years even on a gaming PC. But let's assume it's only a 6 char password...
hashcat64.exe -m 2500 -a 3 capture.hccapx -1 ?u?d ?1?1?1?1?1?1
What should I add to make it eliminate dupes?
Posts: 930
Threads: 4
Joined: Jan 2015
Generally speaking, there's no efficient way to eliminate duplicates within hashcat itself. You'd have to write an external candidate-password generator, and pipe that into hashcat.
~
Posts: 9
Threads: 3
Joined: Apr 2018
(04-23-2018, 04:35 PM)royce Wrote: Generally speaking, there's no efficient way to eliminate duplicates within hashcat itself. You'd have to write an external candidate-password generator, and pipe that into hashcat.
Gotcha. Yeah, I was thinking maybe making a crunch list as a second option. Thanks for the advice!
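The keyspace arithmetic discussed in this thread, as an added example that is not part of the original posts: it computes the `?u?d` keyspace with and without the "all characters unique" constraint for the 12- and 6-character cases, checks the closed-form count against brute enumeration on a tiny constructed alphabet, and converts keyspace to time. The function names and the hash rate `ASSUMED_RATE` are assumptions of this example, not measurements from the thread.

```python
import itertools
import math
import string

CHARSET = string.ascii_uppercase + string.digits  # ?u?d: 26 + 10 = 36 symbols
ASSUMED_RATE = 400_000  # hashes/second; hypothetical figure, substitute your own benchmark
SECONDS_PER_YEAR = 365 * 24 * 3600


def keyspace_with_repeats(n_symbols, length):
    """Candidates a plain mask attack walks through: n^k."""
    return n_symbols ** length


def keyspace_unique(n_symbols, length):
    """Candidates with no repeated character: n! / (n-k)!."""
    return math.perm(n_symbols, length)


def count_unique_by_enumeration(charset, length):
    """Independent check of the formula: enumerate everything, keep the repeat-free ones."""
    return sum(1 for c in itertools.product(charset, repeat=length)
               if len(set(c)) == length)


def years_to_exhaust(keyspace, hashes_per_second):
    """Worst-case time to try every candidate at a fixed rate."""
    return keyspace / hashes_per_second / SECONDS_PER_YEAR


def summarize(length, hashes_per_second=ASSUMED_RATE):
    """Keyspace sizes, their ratio, and exhaustion time for one password length."""
    full = keyspace_with_repeats(len(CHARSET), length)
    uniq = keyspace_unique(len(CHARSET), length)
    return {
        "length": length,
        "full": full,
        "unique": uniq,
        "ratio": uniq / full,
        "years_full": years_to_exhaust(full, hashes_per_second),
        "years_unique": years_to_exhaust(uniq, hashes_per_second),
    }


if __name__ == "__main__":
    for n in (6, 12):
        s = summarize(n)
        print(f"len={s['length']:>2} full={s['full']:.3e} unique={s['unique']:.3e} "
              f"ratio={s['ratio']:.3f} years(full)={s['years_full']:.3g} "
              f"years(unique)={s['years_unique']:.3g}")
```
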