Please note, this is a STATIC archive of website hashcat.net from 08 Oct 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

Full Version: Can't reverse known hash ?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2
No matter how long does it take, even weeks, I'll be running this because I really need this password recover.

Code:
cudaHashcat64.exe -a 3 -m 400 -i --increment-min=3 --increment-max=12 hash.txt

So this is going to test from 3 to 12 character-lenght all lowercase character right ?
The wiki isn't super clear about that specific case...
or am I running this in the void ?

Code:
Session.Name...: cudaHashcat
Status.........: Running
Input.Mode.....: Mask (?1?2?2?2?2?2) [6]
Hash.Target....: $P$BOr7VkRzwGegJwqBIts2TmUxefdgPs1
Hash.Type......: phpass, MD5(Wordpress), MD5(phpBB3), MD5(Joomla)
Time.Started...: Thu Aug 13 23:33:49 2015 (2 hours, 31 mins)
Time.Estimated.: Fri Aug 14 04:31:28 2015 (2 hours, 21 mins)
Speed.GPU.#1...:   483.1 kH/s
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 522240000/3748902912 (13.93%)
Rejected.......: 0/522240000 (0.00%)
Restore.Point..: 8355840/60466176 (13.82%)
HWMon.GPU.#1...: 96% Util, 72c Temp, N/A Fan
I don't understand the point of the mask.
It's clearly efficient when you know the lenght of the password you want to crack but when you don't, why using mask then ?

If the password is lolpenis for example and in my cmd I write ?l?l?l?l?l?l?l?l?l he obviously won't find it, right ? (seen on the wiki) so what is the point of masking on an unknown password ?
[Image: aHR0cDovL2kuaW1ndXIuY29tL3FUOTZQLmdpZg==.jpg]
The point of a mask is telling what is the keyspace you are willing to cover. People tend to use specific patterns so instead of using bruteforce with every possible characters for every position of the password, you can specify for each position what characters to try. For example when facing the constraint of creating a password of at least 8 characters and at least one digit, they will create a password length 8 with the digit at the last position. Also most people use only lowercase so you can try:

Code:
?l?l?l?l?l?l?l?d

Try it and compare how much time it would take compared to the full keyspace bruteforce: ?a = lowercase + uppercase + symbol + numeric

Code:
?a?a?a?a?a?a?a?a

That's why we use masks: reduce keyspace while covering the most likely possibilities.
Pages: 1 2