Posts: 7
Threads: 1
Joined: Apr 2021
Hello everyone, great forum here, I´m Alex and i try to familiarize myself with hashcat!
I have a simpler question. I just can't manage a brute force mask attack with certain letters. So I know 4 characters (A; i; 1; u) of a 10-digit password, but I don't know any order or position. Do you know how I can best implement this?
i tried:
hashcat.exe -a 3 -m 16600 -w 3 hash.txt 10char-1l-1u-1d-1s-compliantAi1u.hcmask
I added $A, $i, $1 and $u to the original Maskfile but hashcat tries all the variations anyway.
Do you know an option how i can handle that correct?
I´m sorry about my english...
Thank you for your support!
Posts: 83
Threads: 19
Joined: Dec 2014
Your format is wrong for the mask. It appears from your description, that all 4 of those characters appear in the password, you just don't know where. In which case, the mask file need to be carefully crafted to include a special mask in any of the 10 positions, like so:
Ai1u,?1?1?1?1?a?a?a?a?a?a
Ai1u,?1?a?1?1?1?a?a?a?a?a
Ai1u,?1?1?a?1?1?a?a?a?a?a
etc.
However, even this will take a very long time unless you are lucky even for a fast hash. If you know more facts about the password, such as no special characters, then that will help.
See https://hashcat.net/wiki/doku.php?id=mask_attack
Posts: 7
Threads: 1
Joined: Apr 2021
Thanks a lot for your fast reply, now i got it!
So i define a mask with all opinions.
Posts: 7
Threads: 1
Joined: Apr 2021
Hello again!
I deifined the mask and it works fine, but the problem is, hashcat tries all opinions, but the 4 characters aren´t fix includes.
So, as your example it will do like:
Ai1u,?1?1?1?1?a?a?a?a?a?a --> AAAAxxxxx
Ai1u,?1?a?1?1?1?a?a?a?a?a --> ixiiixxxx
Ai1u,?1?1?a?1?1?a?a?a?a?a --> 11x11xxxx
and so on, that realy needs much of time 
I would like all letters to always be a fiver component like:
Ai1u,?1?1?1?1?a?a?a?a?a?a --> Ai1uxxxxx
Ai1u,?1?a?1?1?1?a?a?a?a?a --> ux1iAxxxx
Ai1u,?1?1?a?1?1?a?a?a?a?a --> 1xuAixxxx
is this possible?
Thanks a lot!!
Posts: 39
Threads: 1
Joined: Jan 2019
(04-11-2021, 11:04 AM)outaspace Wrote: Hello again!
I deifined the mask and it works fine, but the problem is, hashcat tries all opinions, but the 4 characters aren´t fix includes.
So, as your example it will do like:
Ai1u,?1?1?1?1?a?a?a?a?a?a --> AAAAxxxxx
Ai1u,?1?a?1?1?1?a?a?a?a?a --> ixiiixxxx
Ai1u,?1?1?a?1?1?a?a?a?a?a --> 11x11xxxx
and so on, that realy needs much of time
I would like all letters to always be a fiver component like:
Ai1u,?1?1?1?1?a?a?a?a?a?a --> Ai1uxxxxx
Ai1u,?1?a?1?1?1?a?a?a?a?a --> ux1iAxxxx
Ai1u,?1?1?a?1?1?a?a?a?a?a --> 1xuAixxxx
is this possible?
Thanks a lot!!
Posts: 39
Threads: 1
Joined: Jan 2019
04-11-2021, 02:52 PM
(This post was last modified: 04-11-2021, 02:53 PM by Centurio.)
Hi,
You want to use the combipow of hashcat/src/combipow.bin
Create a Textfile containing your letters. As you are not sure about which comes after an other, you want to make a list with each letter on a new line.
A
i
1
u
.....
./combipow.bin your_wordlist > name_of_output_file
Now you head off to an combinator attack. Use your dict first and then brute force. You want to use hashcat -a 3 -m 16600 name_of_output_file ?a?a?a?a?a?a
You get what I mean? I have a similar problem but I used special chars like äöü in my password with 0.045 BTC electrum wallet.
Posts: 7
Threads: 1
Joined: Apr 2021
Hey Centurio!
Thanks for your input!
First, I wish you get your bitcoin!
I tried combipow and it works nice, i generated a new file and tried the brute force attack, how you write, i only added the hash, like:
hashcat -a 3 -m 16600 hash.txt name_of_output_file ?a?a?a?a?a?a
the output from hashcat is ?a?a?a?a?a?a: unsupported file type.
can I possibly bring the generated file into a mask?
Posts: 39
Threads: 1
Joined: Jan 2019
did you replace "name_of_output_file" with something like out.txt ?
Posts: 7
Threads: 1
Joined: Apr 2021
i tried both, the outputfile without an ending (like the original file)
hashcat -a 3 -m 16600 hash.txt combi ?a?a?a?a?a?a
error: the output from hashcat is ?a?a?a?a?a?a: unsupported file type
and the outputfile with *.txt
hashcat -a 3 -m 16600 hash.txt combi.txt ?a?a?a?a?a?a
error: Integer overflow detected in keyspace of mask: ?a?a?a?a?a?a
The combi.txt is like:
A
Ai
Ai1
i1
1u
looks like it defines all combinations.
I tried also some other text files with the brute force attack, but unfortunately this doesn't work either.
did it work for you?
Thanks for your time!
Posts: 39
Threads: 1
Joined: Jan 2019
ah, I am stupid. It is not attack mode 3, it is mode 6. This way you will be able to run hashcat.
hashcat -a 6 -m 16600 your_hash.txt your_list.txt ?a?a?a?a?a?a
btw: I have the Hashcrack book from netmux. It's a very good one if you want to stay in this area.
Yes and no. I remember have imported the wallet multiple times. So I have extracted all haseh of the wallets. 1 I could crack, but it's balance (8 mBTC) I had already withdrawn. So it is really the default_wallet. I loaded it again in electrum, and its only this one. The others are wach only (my imported one).
My list constisted 30 Lines, but no success yet. If only BTC would not grow that much, it would be not worring me :-)
Let me know if it worked or you need further help or GPU power :-)
|
