Dictiionary Attack - how-to-question
#1
I am new to hashcat - currently I am trying to get my (forgotten) itunes password from a itunes backup iOS 9 or older ("-m 14700") and I was wondering if anyone could tell me how to start a dictionary attack - I created a text file "password.txt" - containing passwords I recently used, the passwords are separated by comma ","

so what I did:

./hashcat -d 2 -m 14700 hash.txt -a 0 password.txt

I wonder whether the password.txt file is properly created and whether the syntax "-a password.txt" is correct - thnx in advance
Reply
#2
You don't need -a 0 (optional)
Why -d 2 ? if you have several GPUs it's better to run hashcat on all GPUs (what you don't do here)
Reply
#3
there are 2 built-in GPU´s -

* Device #1: Intel(R) Core(TM) i5-4260U CPU @ 1.40GHz, skipped

* Device #2: HD Graphics 5000, 1472/1536 MB (384 MB allocatable), 40MCU

so I chose -d 2 because -d 1 is skipped, maybe I am wrong -

you mean I skip -d 2 then both GPU´s will be running ?

concerning -a 0, I learned that I have to specify an attack mode and -a 0 is a dictionary attack -

you mean if I skip -a 0 then password.txt will be used as dictionary attack ?
Reply
#4
-a 0 is default, so you can omit it. But adding it is not going to cause any problems.

The words in your wordlist must be delimited by a newline character not a comma.
Reply
#5
-a 0 copied
concerning the words in a wordlist, my list contains 36 words and a special character, I thought that the attack mode -a 0 password.txt would do all the combinations of these words, if not how can I make the dictionary attack combine all the words listed in a text file ? I am asking because running the dictionary attack based on this list is a 3-second run, which is very short
Reply
#6
you need to explain more clearly what you are trying to do.

What does combining mean in your situation ? how many words combined, any separator between the words, can one word occur multiple times within one password candidate (also next to each other) etc, etc, etc ?

What do you mean by the special characters ? where are these chars used ? only at the beginning ? one at the end ? in between the words ?

There is too little detail to give a clear answer.

Maybe you can just create or generate a wordlist since itunes algos (both -m 14700 and -m 14800) are slow (difficult to crack) algos anyway (otherwise, for fast algos like MD5 etc, a mask/hybrid/rule attack would probably be preferred)... althrough -m 14700 is actually much faster, so you are kind of lucky there.

The password candidate list can be generated with any programming/scripting language (like python/perl etc) i.e. pre-computed... as long as it is NOT too many combinations, because otherwise it would be a problem with disk space and I/O etc.
Reply
#7
What I am trying to do: I am trying to crack my itunes version 9 backup password in order to get my fotos back, I did this in 2016. I think the password length is between 6 and 14 characters.

What I did up to now: I created a hash file
How I created the hash file: I started a perl script against my manifest.plist.

Then I registered at hashcat.net to learn more about hashcat dictionary OR mask attack which were told to be the only feasible means cracking passwords.

I usually create passwords in a way that the first word of the password starts with an upper-case letter followed by lower-case letters.
Then some of my recents passwords had the special character "@" followed by the current year, which was likely 2016, so the special character was in the between two expressions.

the command I entered was: ./hashcat -m 14700 Manifest1.txt -a 0 password.txt

The Manifest1.txt is the hash file created by the perl script.
The password.txt is the wordlist that contains all the words, special character (@) and digits that I have used in 2016, all these are listed line by line, no comma separatiion or similar

I understood dictionary attack in a way that all expressions listed are combined.

If dictionary attack fails I would then try mask attack. That´s why I am asking.

thnx in advance
Reply
#8
A dictionary attack runs each word in your dictionary and applies rules if you specified any. What you describe would be a combinator attack but even that doesn't really fit your use case well.

You want a hybrid attack dict + mask.

Like this:
./hashcat -m 14700 Manifest1.txt -a 0 -j c password.txt '?s201?d'
Reply
#9
i entered the command:
./hashcat -m 14700 Manifest1.txt -a 0 -j c password.txt '?s201?d'

I received:
?s201?d: No such file or directory

Is ?s201?d supposed to be a file ?
Reply
#10
whops, minor typo on my part. Should be -a 6 not -a 0

?s201?d is a mask
Reply