04-01-2019, 07:17 PM

Thank you all for letting me join this forum.

I have just started out with Hashcat, after finding that Pyrit was a dead end.

I want to try some kind of "conditional bruteforcing", and here's what I know about the password:

- The password is 12 chars long.

- The password consists of numbers and uppercase letters.

The possible number of combinations are way too many to bruteforce without some rules to exclude the least possible ones.

So, I'm looking for a clue about how to set up such rules.

Some example conditions:

No more than 3 identical chars after each other.

No more than 3 numbers after each other.

No more than a total of N of each char in the passphrase.

It's very unlikely that the password is "AAAAAAAAAAA2", so there should be possible to exclude quite a lot of combinations.

Can anyone point me in the right direction?

I have just started out with Hashcat, after finding that Pyrit was a dead end.

I want to try some kind of "conditional bruteforcing", and here's what I know about the password:

- The password is 12 chars long.

- The password consists of numbers and uppercase letters.

The possible number of combinations are way too many to bruteforce without some rules to exclude the least possible ones.

So, I'm looking for a clue about how to set up such rules.

Some example conditions:

No more than 3 identical chars after each other.

No more than 3 numbers after each other.

No more than a total of N of each char in the passphrase.

It's very unlikely that the password is "AAAAAAAAAAA2", so there should be possible to exclude quite a lot of combinations.

Can anyone point me in the right direction?