hashcat Forum Support hashcat v
Need help working with masks

Threaded Mode
Need help working with masks
uennotec Offline
Junior Member
**
Posts: 7
Threads: 2
Joined: Sep 2018
#1
02-03-2019, 02:56 PM (This post was last modified: 02-03-2019, 03:01 PM by uennotec.)
Hello,

I want to crack a filevault2 hash from which I know that it starts with a word followed bye a 1-8 digit number.

So letz say the password starts with the word "test" followed bye a 4-digit number, then I use the following code:

Code:
hashcat64.exe -m 16700 hash.hash -a 3 test$d$d$d$d

But I think this is not working as I (for test purposes) used following code:

Code:
hashcat64.exe -m 16700 hash.hash -a 3 test$d$d$d$d$d$d$d$d$d$d$d$d$d$d$d$d

And Hashcat showed me "exhausted" after few seconds of work. I thought, that this command means, that all combinations of the word+16 digits after that will be tried, but I see that only 1 password is tried, so I think I have not understand how to work with masks.

Could anyone show me what I'm doing wrong?

Also can someone explain me how I start a combination-attack so that I create a small wordlist containing the possible words, followed bye the numbers? If there is a possiblity to tell hashcat, that the words in the list should also tried in uppercase letters, that would be helpful. Otherwise I will copy those in the .txt-file also.

Here are some stats of my system:

-Windows 10 (1803), 64-bit
-Hashcat 5.1.0
-NVIDIA RTX 2080, driver 417.35


Any help is highly appreciated

uennotec
Find
Reply
undeath Offline
Sneaky Bastard
******
Posts: 2,301
Threads: 11
Joined: Jul 2010
#2
02-03-2019, 03:29 PM
you are mixing up masks and rules in a really weird way. This is what masks look like: https://hashcat.net/wiki/doku.php?id=mask_attack
Find
Reply
uennotec Offline
Junior Member
**
Posts: 7
Threads: 2
Joined: Sep 2018
#3
02-03-2019, 04:37 PM
(02-03-2019, 03:29 PM)undeath Wrote: you are mixing up masks and rules in a really weird way. This is what masks look like: https://hashcat.net/wiki/doku.php?id=mask_attack

Can you please tell me whats the correct syntax for what Im trying to do? Im sry, but I read the manual and much other stuff, but still have problems Sad
Find
Reply
royce Offline
Moderator à la mode
******
Posts: 929
Threads: 4
Joined: Jan 2015
#4
02-03-2019, 06:51 PM
Masks use ?, not $.
~
Find
Reply
uennotec Offline
Junior Member
**
Posts: 7
Threads: 2
Joined: Sep 2018
#5
Big Grin  02-03-2019, 11:27 PM (This post was last modified: 02-03-2019, 11:28 PM by uennotec. Edit Reason: Rechtschreibfehler )
(02-03-2019, 06:51 PM)royce Wrote: Masks use ?, not $.

OMG, what a noob-fail. I had it right in my notes, but made an error transferring. Letz never talk about that again XD

Ok, now it is working. Is there is a way to put all the different prefixes I assume in a .txt-file and use a mask after that?

I mean that it (for example) uses [NAME2]?d?d?d?d, [NAME2]?d?d?d?d, [NAME2]?d?d?d?d, ...

That would help me to crack it overnight, instead of manually writing each prefix. Also I heared about ways to test these prefixes with upper/lowercase.
Find
Reply
royce Offline
Moderator à la mode
******
Posts: 929
Threads: 4
Joined: Jan 2015
#6
02-04-2019, 12:00 AM
We shall speak no more of it. Smile

Generally, that's a hybrid attack, word-on-the-left style - hashcat attack mode 6 (-a 6).

Shifting case would be trickier - you'd have to preprocess the wordlist to do that (because hashcat can't combine masks and rules simultaneously).
~
Find
Reply