Not sure if hashcat is calculating my desired parameters
#1
Hello everyone,

I am new to hashcat, having only delved into this program after I lost the key to my backupdrive. I created two custom character sets in order to calculate my password, -1 being letters and -2 being special characters.

However, it appears to me that the hashcat instance is calculating possible passwords that have letters where I have specified special characters should be placed, and vice versa. This is making too many possibilities for my tiny processor. Here is the status menu reprinted so you can see what I mean:

Guess.Mask.......: haggi?1?1?1?1?2?2?2%%* [15]
Guess.Charset....: -1 charsets/dash1.hcchr, -2 charsets/dash2.hcchr, -3 Undefined, -4 Undefined
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:        7 H/s (424.18ms) @ Accel:2 Loops:256 Thr:512 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 655360/19487171 (3.36%)
Rejected.........: 0/655360 (0.00%)
Restore.Point....: 655360/19487171 (3.36%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:46080-46336
Candidates.#1....: haggichrheer%%* -> haggi/sd1ach%%*

Where did I go wrong? Any help is greatly appreciated, I am new at this and the documentation didn't help me understand whatever my mistake is. Thanks everyone
Reply
#2
Quote:-1 charsets/dash1.hcchr, -2 charsets/dash2.hcchr

Hashcat is using the exact letters there, not the contents of those files.

"Candidates.#1....: haggi chrheer %%* -> haggi /sd1ach %%*"
chrheer and /sd1ach are all letters in "charsets/dash1.hcchr" and "charsets/dash2.hcchr"

You can also see this in the "Progress.........: 655360/19487171 (3.36%)" it says here that a total of 19487171 candidates are being tested. 19487171 = 11 to the power of 7, because "charsets/dash1.hcchr" has 11 unique characters and the set in '?1?1?1?1?2?2?2' is 7 chars long.

I'm not sure you can use a file in combination with -1 and -2, if you just want letters and special char you can use "-1 ?l?u -2 ?s" or the exact characters you need without using the files.

You said "This is making too many possibilities for my tiny processor", however this mistake instead makes it fewer possibilities, not more. And a lot fewer i'm afraid.

This wil mean it will take waaaaaaaaay longer to do what you actually want because there are more than 11 possibilities for both ?1 and ?2 (more than 11 letters for -1 and hashcat uses 33 special chars in special chars ?s).

Assuming you want only lowercase letters and 10 special characters, this would change it from 19487171 candidates (what you are cracking now) to 456976000 (24 times more). And that is with only lowercase and 10 special chars. If you want upper and lowercase plus all 33 special chars it will generate 262757544192 candidates, or 13484 times longer to crack.
Reply