Learn Next?

[plaverty9]

Once someone has gotten up to speed on the basics of hashcat, like using various rules/wordlists, playing with masks, finding that ones that seem to work best, what would you suggest that a noob learn next? PRINCE? Or is there something else in between? Trying to learn to be good and efficient at pw cracking. Looking for a suggestion from the experts. 

Thanks.

[royce]

One of the most educational experiences I've had with hashcat was when I did this:

* working a large general list using all of the techniques that I knew,
* running PRINCE, random rules, or junk wordlists against the remaining hashes,
* studying why I had missed the new founds,
* and adding general attacks for those new founds to my list of techniques - repeat as needed.

This is very empowering because you can dig into the emerging patterns yourself - it's self-propelled.

It also matters to put your list of techniques in order by efficiency, and to study how to scientifically measure that efficiency using --debug-mode (to see which rules are working) and --outfiles plus the 'crackpos' value (to see how many attempts it took to find your plain).

[plaverty9]

Awesome. Thank you Royce. And you're right about the emerging patterns. I'm really enjoying "discovering" which masks work best for me. As an example, I just ran a data set of 137,000 passwords I've recently cracked through a mask generator and found the top ones, then went back and used these masks against "exhausted" hash files and voila, cracking more hashes!