02-01-2021, 06:34 AM
Hi all. Awesome program and awesome support forum!! Been reading many posts here via search, but created an account to report this one:
I am using a wordlist and rules file to crack WPA passwords, many of which tend to be phone numbers. To save space, instead of generating a giant list of phone numbers, I simply made a wordlist of area code + suffix. I then made a rule list to append the last 4 digits. This way, what would otherwise be a 4GB list of phone numbers, is instead a 180kb wordlist + 117kb rules file. The bug and problem is that hashcat is rejecting 100% of these passwords.
Why? Because WPA requires a password length of 8 - 63 characters. And as far as I can see, hashcat is looking at the password before it applies the rule!! It should apply the rule FIRST and then see if the resulting word meets the 8 - 63 limitation.
Example:
The password for a given -m2500 hash is, 208555121
My wordlist (-a 0) contains 208555 and has a rule of $?d$?d$?d$?d (adding the last 4 digits)
Yet if ran like this, the password 208555 is rejected, before the last 4 digits within the rule are applied.
I think that this bug is causing a significant number passwords to slip through this crack whenever the root password is less than 8 chars long.
It would be nice if hashcat applied the rule, thus getting the full 10 digits, then performed the compliance check to accept/reject a given password.
Am I doing something wrong?
I am using a wordlist and rules file to crack WPA passwords, many of which tend to be phone numbers. To save space, instead of generating a giant list of phone numbers, I simply made a wordlist of area code + suffix. I then made a rule list to append the last 4 digits. This way, what would otherwise be a 4GB list of phone numbers, is instead a 180kb wordlist + 117kb rules file. The bug and problem is that hashcat is rejecting 100% of these passwords.
Why? Because WPA requires a password length of 8 - 63 characters. And as far as I can see, hashcat is looking at the password before it applies the rule!! It should apply the rule FIRST and then see if the resulting word meets the 8 - 63 limitation.
Example:
The password for a given -m2500 hash is, 208555121
My wordlist (-a 0) contains 208555 and has a rule of $?d$?d$?d$?d (adding the last 4 digits)
Yet if ran like this, the password 208555 is rejected, before the last 4 digits within the rule are applied.
I think that this bug is causing a significant number passwords to slip through this crack whenever the root password is less than 8 chars long.
It would be nice if hashcat applied the rule, thus getting the full 10 digits, then performed the compliance check to accept/reject a given password.
Am I doing something wrong?