Please note, this is a STATIC archive of website hashcat.net from October 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

Full Version: Parameters for passwords
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
I am new to hashcat and would like to get some guidance.  I am using a hybrid attack using a dictionary with a mask on the end.  I would like to limit the attack to 8-10 character passwords as to not waste to much cpu power just to verify my users are using good passwords.  I need to know how to add a variable length mask and restrict it to create a password similar to "Max12345" by using the dictionary to push out the words and then tagging on the random digits with characters on the end.  These are windows passwords and thus are required to have complexity and meet a requirement of 8 characters.  Most users only do the minimum as we are all aware so I suspect it will be pretty easy to get most users.

Thanks in advance
If you use -a 6 hybrid attack that means you have a mask. The mask will add N length to the candidates, depending on your mask. Means if you subtract that length from your maximum password length, all you need to do is to filter the input wordlist for that size. You can use -j parameter with the < rule, see rule pages on wiki