05-26-2020, 07:16 PM
hello,
is there any possibility there are missing characters from the implemented brute force attack of hashcat?
So in my case looking for MD5, which is 8 charcaters long.
hashcat64 --force -D 1,2,3, -m 0 -O -i --increment-min=8 --increment-max=8 --hwmon-disable -a 3 -o X:\md5.cracked X:\md5.crack
Session..........: hashcat
Status...........: Exhausted
Hash.Name........: MD5
Hash.Target......: 397e531bf3da8e8ef982103c29XXXXXX
Time.Started.....: Tue May 26 18:56:59 2020 (5 mins, 17 secs)
Time.Estimated...: Tue May 26 19:02:16 2020 (0 secs)
Guess.Mask.......: ?1?2?2?2?2?2?2?3 [8]
Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 17589.5 MH/s (1.78ms) @ Accel:1024 Loops:256 Thr:32 Vec:4
Speed.#2.........: 545.0 MH/s (10.98ms) @ Accel:256 Loops:64 Thr:16 Vec:4
Speed.#*.........: 18134.5 MH/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 5533380698112/5533380698112 (100.00%)
Rejected.........: 0/5533380698112 (0.00%)
Restore.Point....: 68734368/68864256 (99.81%)
Restore.Sub.#1...: Salt:0 Amplifier:80128-80352 Iteration:0-256
Restore.Sub.#2...: Salt:0 Amplifier:80320-80352 Iteration:0-64
Candidates.#1....: v7qex2v$ -> Xqxqxqg$
Candidates.#2....: 7z7dvo6$ -> Xqxq76z$
So you will think okay the PW is not 8 characters right? Then I went to https://www.onlinehashcrack.com/ and they cracked it. And yes it is 8 character. How is this possible?
When the brute force option doesn't cover all possible characters, then is it possible to use an option which uses it?
Or in this case I should use something like:
hashcat64 --force -D 1,2,3, -m 0 -O -i --increment-min=8 --increment-max=8 --hwmon-disable -a 3 -o X:\md5.cracked X:\md5.crack (somewhere I need to specify ?s?s?s?s?s?s?s?s ??? )
is there any possibility there are missing characters from the implemented brute force attack of hashcat?
So in my case looking for MD5, which is 8 charcaters long.
hashcat64 --force -D 1,2,3, -m 0 -O -i --increment-min=8 --increment-max=8 --hwmon-disable -a 3 -o X:\md5.cracked X:\md5.crack
Session..........: hashcat
Status...........: Exhausted
Hash.Name........: MD5
Hash.Target......: 397e531bf3da8e8ef982103c29XXXXXX
Time.Started.....: Tue May 26 18:56:59 2020 (5 mins, 17 secs)
Time.Estimated...: Tue May 26 19:02:16 2020 (0 secs)
Guess.Mask.......: ?1?2?2?2?2?2?2?3 [8]
Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 17589.5 MH/s (1.78ms) @ Accel:1024 Loops:256 Thr:32 Vec:4
Speed.#2.........: 545.0 MH/s (10.98ms) @ Accel:256 Loops:64 Thr:16 Vec:4
Speed.#*.........: 18134.5 MH/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 5533380698112/5533380698112 (100.00%)
Rejected.........: 0/5533380698112 (0.00%)
Restore.Point....: 68734368/68864256 (99.81%)
Restore.Sub.#1...: Salt:0 Amplifier:80128-80352 Iteration:0-256
Restore.Sub.#2...: Salt:0 Amplifier:80320-80352 Iteration:0-64
Candidates.#1....: v7qex2v$ -> Xqxqxqg$
Candidates.#2....: 7z7dvo6$ -> Xqxq76z$
So you will think okay the PW is not 8 characters right? Then I went to https://www.onlinehashcrack.com/ and they cracked it. And yes it is 8 character. How is this possible?
When the brute force option doesn't cover all possible characters, then is it possible to use an option which uses it?
Or in this case I should use something like:
hashcat64 --force -D 1,2,3, -m 0 -O -i --increment-min=8 --increment-max=8 --hwmon-disable -a 3 -o X:\md5.cracked X:\md5.crack (somewhere I need to specify ?s?s?s?s?s?s?s?s ??? )
