Can I configure HC with known chars in a password?
#1
It's for a wpa2 hash. 8 chars upper, alphanumeric. I know the first char and I think the second char is one of 3 possibilities. 

So can I configure HC with these known chars and is there an estimate on how long it will take to crack it?
Reply
#2
see https://hashcat.net/wiki/doku.php?id=mask_attack

hashcat -m 2500 -a 3 -2 ABC -3 ?l?u?d hash.txt D?2?3?3?3?3?3?3

-1, -2, -3, -4 are the custom charsets (--custom-charset1 ... --custom-charset4)

-2 ABC means "A" or "B" or "C"
-3 ?l?u?d means either lowercase char or uppercase char or digits

D?2?3?3?3?3?3?3 means "D" is hard-coded, 2nd position is set of chars from --custom-charset2 (or short -2),
after 2nd position (3rd to 8th) is using charset from ?l?u?d
Reply
#3
(08-01-2019, 09:30 PM)philsmd Wrote: see https://hashcat.net/wiki/doku.php?id=mask_attack

hashcat -m 2500 -a 3 -2 ABC -3 ?l?u?d hash.txt D?2?3?3?3?3?3?3

-1, -2, -3, -4 are the custom charsets (--custom-charset1 ... --custom-charset4)

-2 ABC means "A" or "B" or "C"
-3 ?l?u?d means either lowercase char or uppercase char or digits

D?2?3?3?3?3?3?3 means "D" is hard-coded, 2nd position is set of chars from --custom-charset2 (or short -2),
after 2nd position (3rd to 8th) is using charset from ?l?u?d

That's confusing.

I know the first char is A and I think second is T. Could you give the command for this?
Reply
#4
He literally gave you the command for that. All you need to do is switch out the letters ABCD.
Reply
#5
(08-01-2019, 10:17 PM)undeath Wrote: He literally gave you the command for that. All you need to do is switch out the letters ABCD.

But how do you set D to the character A?

I only need uppercase. Also is this the same for oclhashcat?
Reply
#6
You replace the character D by the character A. Yes, it's that simple.

It's the same for oclhashcat but that's severely outdated and if something doesn't work you're on your own.
Reply
#7
(08-01-2019, 10:37 PM)undeath Wrote: You replace the character D by the character A. Yes, it's that simple.

It's the same for oclhashcat but that's severely outdated and if something doesn't work you're on your own.

So nobody uses oclhashcat anymore?

I thought oclhashcat worked on gpus and hashcat on cpus?
Reply
#8
That's not the case since 2016. Welcome to the future.
Reply
#9
So does HC generate password combinations on the fly when using masks as opposed to loading a text file of passwords. If so which is more efficient, I would imagine loading large password files in the order of Gb's would be very consuming on the vpu/memory?
Reply