If we assume that your passphrase was randomly generated (not influenced by human selection factors), then some basic math and a couple of tools can get you most of the way there. Your restriction #3 (each character can be used only once) is the harder one, but probably wouldn't really reduce the total combinations space very much, so I recommend setting it aside for now.
Capturing the complexity
First, take a look at the policygen tool from the PACK toolkit. You can generate a set of masks that match your length and minimums.
You can also inform time estimation using policygen's --pps parameter. This tells policygen how many passwords per second your target platform can attempt.
For example, if you have a GPU similar to my GTX 970 SC (which can do 185 kH/s for WPA/WPA2 using hashcat), you'll get something like the following:
$ policygen --pps=185000 --minlength=8 --maxlength=8 \
--mindigit=2 --minlower=2 --minupper=2 --maxspecial=0 -o test.masks
_
PolicyGen 0.0.2 | |
_ __ __ _ ___| | _
| '_ \ / _` |/ __| |/ /
| |_) | (_| | (__| <
| .__/ \__,_|\___|_|\_\
| |
|_| iphelix@thesprawl.org
[*] Saving generated masks to [test.masks]
[*] Using 185,000 keys/sec for calculations.
[*] Password policy:
Pass Lengths: min:8 max:8
Min strength: l:2 u:2 d:2 s:None
Max strength: l:None u:None d:None s:0
[*] Generating [compliant] masks.
[*] Generating 8 character password masks.
[*] Total Masks: 65536 Time: >1 year
[*] Policy Masks: 2940 Time: >1 year
$ wc -l test.masks
2940 test.masks
The resulting set of 2940 masks covers the set of all possibilities that match your constraints.
Estimating the time
Notice that policygen estimates the time to be more than 1 year. For closer estimation, you may not be able to predict when your specific passphrase would be cracked, but you can establish an upper bound and an average (half of that upper bound).
Using hashcat's maskprocessor tool, you can get the total number of combinations for a given mask. Running that against each mask, and summing the results:
# Sum the per-mask keyspace over every mask that policygen wrote to test.masks
for mask in $(cat test.masks); do \
mp64 --combinations "$mask"; done \
| awk '{s+=$1} END {print s}'
... yields the following number:
5.84746e+13
or roughly 58474600000000 combinations. Assuming 185,000 hashes per second, that's (5.84746e+13 / 1985000) / 60 / 60 / 24 = 340.95 days, or about one year to exhaust the entire keyspace. The average passphrase would be cracked within half a year (half of the time needed to traverse the total keyspace).
Of course, this time estimate is tied directly to the compute power available. As you add more GPUs to the mix, performance will scale linearly with their performance.
Starting the attack
To try to crack it, you would simply feed your WPA2 handshake and your list of masks to hashcat, like so. Note that this rig has more than one GPU.
$ ./hashcat -w 4 -a 3 -m 2500 [your-wpa2-hccapx-filename] test.masks
hashcat (v3.5.0) starting...
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 1080, 2028/8113 MB allocatable, 20MCU
* Device #2: GeForce GTX 1080, 2028/8114 MB allocatable, 20MCU
* Device #3: GeForce GTX 1080, 2028/8114 MB allocatable, 20MCU
* Device #4: GeForce GTX 1080, 2028/8114 MB allocatable, 20MCU
* Device #5: GeForce GTX 970, 1009/4037 MB allocatable, 13MCU
* Device #6: GeForce GTX 970, 1009/4037 MB allocatable, 13MCU
OpenCL Platform #2: Advanced Micro Devices, Inc.
================================================
* Device #7: AMD FX(tm)-8350 Eight-Core Processor, skipped.
Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Applicable optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt
* Brute-Force
* Slow-Hash-SIMD
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger disabled.
[s]tatus [p]ause [r]esume [b]ypass [c]heckpoint [q]uit =>
Session..........: hashcat
Status...........: Running
Hash.Type........: WPA/WPA2
Hash.Target......: 8381533406003807685881523 (AP:ae:f5:0f:22:80:1c STA:98:7b:dc:f9:f9:50)
Time.Started.....: Sun Apr 9 07:30:31 2017 (1 sec)
Time.Estimated...: Sun Apr 9 08:08:54 2017 (38 mins, 22 secs)
Guess.Mask.......: ?d?d?d?d?l?l?u?u [8]
Guess.Queue......: 1/2940 (0.03%)
Speed.Dev.#1.....: 401.7 kH/s (403.50ms)
Speed.Dev.#2.....: 402.4 kH/s (405.15ms)
Speed.Dev.#3.....: 405.4 kH/s (402.24ms)
Speed.Dev.#4.....: 403.3 kH/s (400.39ms)
Speed.Dev.#5.....: 187.0 kH/s (283.22ms)
Speed.Dev.#6.....: 185.3 kH/s (285.72ms)
Speed.Dev.#*.....: 1985.0 kH/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 0/4569760000 (0.00%)
Rejected.........: 0/0 (0.00%)
Restore.Point....: 0/456976000 (0.00%)
Candidates.#1....: 1234maMA -> 1618pqAN
Candidates.#2....: 1218pqAN -> 1667yzMA
Candidates.#3....: 1242yzMA -> 1631tgBA
Candidates.#4....: 1771seGO -> 1558paAN
Candidates.#5....: 1784jaAN -> 1816blON
Candidates.#6....: 1261tgBA -> 1523reGO
HWMon.Dev.#1.....: Temp: 63c Fan: 90% Util:100% Core:1822MHz Mem:4513MHz Bus:8
HWMon.Dev.#2.....: Temp: 55c Fan: 90% Util:100% Core:1809MHz Mem:4513MHz Bus:4
HWMon.Dev.#3.....: Temp: 56c Fan: 90% Util:100% Core:1822MHz Mem:4513MHz Bus:16
HWMon.Dev.#4.....: Temp: 50c Fan: 90% Util:100% Core:1822MHz Mem:4513MHz Bus:4
HWMon.Dev.#5.....: Temp: 54c Fan: 60% Util:100% Core:1379MHz Mem:3004MHz Bus:1
HWMon.Dev.#6.....: Temp: 58c Fan: 60% Util:100% Core:1366MHz Mem:3004MHz Bus:1
hashcat will start working through your list of masks, one at a time. Since policygen sorts masks in (roughly) complexity order, the fastest masks appear first in the list. So each mask will tend to take (roughly) more time than the previous ones.
You'll probably not want to wait around until it's done, though. :)
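The mask count and keyspace above can be reproduced without policygen or mp64, which also makes it possible to quantify the "each character only once" restriction that the answer sets aside. This is an added example, not part of the original answer or of PACK/hashcat; the function names are made up for illustration, and the charset sizes assume hashcat's standard ?l, ?u and ?d sets (26, 26 and 10 characters).

```python
from itertools import product
from math import perm

# Assumed charset sizes: ?l = a-z, ?u = A-Z, ?d = 0-9 (no specials allowed).
CHARSETS = {"l": 26, "u": 26, "d": 10}


def policy_masks(length=8, minimum=2):
    """Yield every mask (tuple of classes) holding >= minimum of each class."""
    for mask in product(CHARSETS, repeat=length):
        if all(mask.count(cls) >= minimum for cls in CHARSETS):
            yield mask


def keyspace(mask, unique=False):
    """Candidates covered by one mask.

    With unique=True no character may repeat. Classes are disjoint, so the
    count per class is a falling factorial: perm(size, n).
    """
    total = 1
    for cls, size in CHARSETS.items():
        n = mask.count(cls)
        total *= perm(size, n) if unique else size ** n
    return total


def summarize(length=8, minimum=2):
    """Return (mask count, full keyspace, keyspace without repeated chars)."""
    masks = list(policy_masks(length, minimum))
    full = sum(keyspace(m) for m in masks)
    no_repeat = sum(keyspace(m, unique=True) for m in masks)
    return len(masks), full, no_repeat


def days_to_exhaust(total, hashes_per_second):
    """Upper bound in days; the average case is half of this."""
    return total / hashes_per_second / 86400


if __name__ == "__main__":
    count, full, no_repeat = summarize()
    print(f"masks: {count}  keyspace: {full:,}  no-repeat: {no_repeat:,}")
    print(f"no-repeat share of keyspace: {no_repeat / full:.1%}")
    # The two rates that appear in the answer: one GTX 970 and the 6-GPU rig.
    for rate in (185_000, 1_985_000):
        print(f"{rate:>9,} H/s -> {days_to_exhaust(full, rate):,.1f} days")
```

The same functions work for other policies by changing `length`, `minimum` or the `CHARSETS` table, which is useful when judging how long a generated passphrase needs to be for a given attacker rate.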