So why I got fascinated with hashcat
#1
Rainbow 
Is it’s versatility... at work I managed to brute force now almost all passwords, except the 14 character on with bcrypt...so far. Really awesome.
I also have an old (2014!!) Bitcoin wallet that I forgot and checked now and it even has a Bitcoin it!!
However.. all I know is that I used a 10 character generated password back then.. (associated text file I wrote.. the other clues seemed great at the time, now useless, like has the number of ram sticks you have in your machine), could be 1,2,4 etc.. anyway.
I would love to use maskprocesor and let her rip but it follows always the same pattern, generate all of the possible passwords.. there is no way to make them random (-q2 and -r2). Also I have a windows machine that I do this one which means I cannot use crunch which has more options to randomize and is faster imho..
I have a 3080 rtx and 2 2080rtxs  so speed should be there.. more or less..
I also read about making rules but in order for them to be effective I need to let the mask processor run until it randomizes which can take som timeSmile.
Also how would I write a rule for randomness..is there any way to speed the password generation up by bypassing the “crap”... I know I generated the password so it will not be anything meaningful...

Help?Smile
Reply
#2
Have you estimated if the attack can be successful at all? On a very rough guess you're cutting your keyspace by 10% with that trick. Will that make the attack any more feasible? How long will that attack against your hash with your hardware take without limiting your charset? Are you going to look at 90 years vs 100 years of cracking time?
Reply
#3
(01-11-2021, 04:29 PM)undeath Wrote: Have you estimated if the attack can be successful at all? On a very rough guess you're cutting your keyspace by 10% with that trick. Will that make the attack any more feasible? How long will that attack against your hash with your hardware take without limiting your charset? Are you going to look at 90 years vs 100 years of cracking time?

UndeathSmile,
From what I have seen, I am looking at less than half a year if I get the passwords formatted properly..but rules have never been my strong suit. But from what I have seen, if I pipe maskprocessor, I cannot ever shut down the machine Smile
Reply
#4
Yes, resuming when using maskprocessor or any other word-generating process is complicated. maskprocessor supports the --start-at option with which you can pick up a previous run again if you noted down the last candidate hashcat has printed in the status screen.
Reply