Hybrid attack workload increase incase of small dic
#1
Hello,

I've noticed in hybrid attacks the workload highly dependant on the amount of entries in the dictionary.
Take the following attack as example:

mask + wordlist

?l?l?l?l?l?l?l?l [8]

Code:
@hotmail.com
@yahoo.om
@gmail.com
97 other domains...


Performance will be horrible. 100 seperate masks attacks would also be not very efficient.

My suggestion is the following. Munge a part of the mask into the rules to increase workload. So above example would become:

?l?l?l?l?l [5]

Code:
aaa@hotmail.com
aaa@yahoo.om
aaa@gmail.com
aab@hotmail.com
aab@yahoo.om
aab@gmail.com
aac@hotmail.com
aac@yahoo.om
aac@gmail.com
etc.
Reply
#2
Depending on what hash mode you are using (or how many salts) you can increase the performance using -S
Reply
#3
(12-21-2018, 12:36 PM)undeath Wrote: Depending on what hash mode you are using (or how many salts) you can increase the performance using -S

When I tested on 5.1 -S was not supported for a hybrid attack.
And this is mostly an issue on fast algos so -S does not seem like a good solution to me
Reply
#4
The best solution for cracking emails is to either use rules or -a 1 based attacks.
Reply
#5
True, but there's plenty of emails that are crackable with masks/hybrid attacks (assuming a fast algo)

.edu emails are a great example since they're often short and following a specific format
Reply
#6
What I meant is that if you use -a 1 you can do the same as what hybrid is doing while having the GPU running at full speed.
Reply