1

I do not get hashcat working the way I want.

I got this handshake captured file. I can crack it with ?a?a?a?a?a?a?a?a --increment but since I know the password is between 14 and 16 charters that is unnecessary work. Therefore I am trying to use ?a?a?a?a?a?a?a?a?a?a?a?a?a?a --increment-min 14 --increment-max 16.

But it is complaining about ?a?a?a?a?a?a?a?a?a?a?a?a?a?a being too much and I know that the password only contain lowercase, numbers, and these usual symbols: (!_-,.:;/).

How do I make this custom mask to only use relevant information?

Royce Williams
  • 9,128
  • 1
  • 31
  • 55
J. Doe
  • 113
  • 1
  • 4

1 Answers1

0

It is indeed too large of a keyspace. ?a is 95 characters. 95^14 is 4x10^27, which won't be exhausted any time soon.

If you want to reduce the possible characters as you describe, use a custom character set:

hashcat -1 '?l?d!_-,.:;/' ?1?1?1?1?1?1?1?1?1?1?1?1?1?1

But even this keyspace 44^14, or 1x10^23 - too large to reasonably exhaust.

Unless you can narrow down your keyspace further, brute force won't help you here.

Royce Williams
  • 9,128
  • 1
  • 31
  • 55
  • But if I begin with a 8 char keyspace and use --increment, will it still increase and eventually crack 15 charters passwords or will it stop when I becomes too large? – J. Doe Dec 10 '17 at 10:52
  • If it is truly random, the 15-character length won't be reached for years. Especially if you're working with a WPA2 handshake, because it is a pretty slow hash. – Royce Williams Dec 10 '17 at 16:55