Jump to content

Hashcat mask/rules?


biob
 Share

Recommended Posts

Disclaimer: I have not interest in accessing networks that I don't have permission to do so. This is purely educational.

Hi All,

i currently have a very little WIFI pen test lab set up. I'm concentrating on wifi as my first task to learn. 

I have an AP setup with a password :12232890. I have successfully captured the WPA2 handshake. I now want to bruteforce my password. How can I setup a mask/rule for hashcat with following complexities?

Keyspace:1234567890

Length:8

Pw: 12232890

No more than two of the same digits sequentially e.g ok:-22183456, not ok:-22213456

No more than 3 of the same digit e.g ok:-22124567, not ok:-22289456

No more than 1 double repeating digits e.g. Not ok:-11223344 or 11422055 or 11672289

Link to comment
Share on other sites

32 minutes ago, biob said:

No more than two of the same digits sequentially e.g ok:-22183456, not ok:-22213456

No more than 3 of the same digit e.g ok:-22124567, not ok:-22289456

No more than 1 double repeating digits e.g. Not ok:-11223344 or 11422055 or 11672289

For a password that is numbers only, 8 digits, I wouldn't bother. It'll crack so fast, it'd take you longer to type the mask out than the crack time without it anyway!

8^10 = 1,073,741,824 = About 6 seconds to crack for GTX 970.

hashcat64 -a 3 [filename] -l ?d?d?d?d?d?d?d?d

Edited by haze1434
Link to comment
Share on other sites

2 hours ago, biob said:

My PC is ancient by today's standard and would take 4.5 hours to crack 10^8.

Really? That's slow! What GPU do you use?

FYI, a GTX 970 is £300 and average by today's standards. Someone with a Titan at £1000 could crack about 30% faster than the table on my other post (linked in the post above).

Link to comment
Share on other sites

20 hours ago, biob said:

Managed to implement the rule in maskprocessor, but hashcat doesn't seem to have all the same options. Not at my PC so can't paste what I used yet.

You could use Crunch to generate a wordlist, and then use HashCat with this wordlist. I believe you can pipe one directly to the other, without having to save a file in-between.

I don't have much experience of Crunch to be honest. You can download it here, and some instructions are here.

Link to comment
Share on other sites

Thank you for all your help, Haze1434. Hak5 forum, is not what it use to be.

i will give that a go tonight. I totally forgot about piping outputs in to hashcat. Think I will try piping the output of the maskprocessor into hashcat too.

i will post my result here if they work, just in case anyone else anyone else is interested.

just out on interest, what is your hardware setup Haze1434?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...