Cracking bcrypt hash using brute force mode
#1
Shocked 
Hello I'm very new to this
I'm trying to crack a 4 letter password (bcrypt hash) with the possibility of containing noncapital, capital letters and numbers 
example: FvL6, wm4n
This is the cmd I ran 
hashcat64.exe -m 3200 -a 3 -w 2 --custom-charset1=?l?u?d -i --increment-min 4 --increment-max 4 Ha123.txt ?a?a?a?a -o Cracked.txt
But estimated time was not practical. It was wondering if I'm doing something wrong.
Thank you for helping me and hopefully, my post isn't breaking any rules.
Reply
#2
You are doing it correctly, bcrypt is just designed to be that slow on purpose. There really isn't much else you can do. It might be easier to load your GPU to 100% util if you just generate all the candidates with mask processor and put them in a file, but it's possible that this doesnt help at all and its the same speed..
Reply
#3
The command makes no sense.

Defining any custom charset like --custom-charset1 (or short -1) without using it within the mask doesn't make any sense and is actually quite a common user mistake. Sad

It would make more sense to use

-1 ?l?u?d and then a mask with ?1?1?1?1

BTW: I always try to mention the problems if I find some within user commands, otherwise other users just go ahead and blindly copy-paste (parts of) commands
Reply
#4
I'll add that ?a contains symbols, which you don"t want according to your passwords ("FvL6, wm4n")
Reply
#5
As a comparison:

$ hashcat --keyspace -a 3 ?a?a?a?a
857375
$ hashcat --keyspace -a 3 -1 ?l?u?d ?1?1?1?1
238328

So you're doing about 4x as much work by using ?a?a?a?a. Probably not enough of a reduction to go from "heat death of the universe" to "by lunchtime", but still worth fixing.
Reply
#6
(05-10-2020, 07:29 AM)philsmd Wrote: The command makes no sense.

Defining any custom charset like --custom-charset1 (or short -1) without using it within the mask doesn't make any sense and is actually quite a common user mistake. Sad

It would make more sense to use

-1 ?l?u?d and then a mask with ?1?1?1?1

BTW: I always try to mention the problems if I find some within user commands, otherwise other users just go ahead and blindly copy-paste (parts of) commands
Thanks a bunch, I have fixed that and it reduced the time considerably.
I was also wondering if you can make a rule to include only a single number for each word or no number at all.
I hope that's possible and isn't so much to ask. Thank you so much for taking the time to help me.
Reply
#7
Pure masks don't support this but you can create a hcmask file with policygen from PACK: https://github.com/iphelix/PACK
Reply
#8
(05-11-2020, 01:04 AM)undeath Wrote: Pure masks don't support this but you can create a hcmask file with policygen from PACK: https://github.com/iphelix/PACK
Can I use pack to create a wordlist that fits my potential word candidates? then I use it later for wordlist attack and what's the command line for it please?
I got to work only by typing "python3" and not "python" is that okay? 
My rules are 
--minlength 4 --maxlength 4
Capital letters and non capital letters
One number max each word or no numbers at all
Reply