I'm trying to crack a long password created a while back. I know for sure some of it and know the possible words for the parts I'm not sure of. How can I create a mask (or rules) that pull the words from a file? Example:
passwordlist.txt file contains:
blue
red
purple
The password attempts need to be like:
?sky?twelve?
the attempts would be like:
blueskypurpletwelvered
redskybluetwelvepurple
Any help would be much appreciated.
Hashcat can combine. It's attack mode 1. But does not attack 4 of each.
John can do prince with --prince-elem-cnt-min=4 to make 4 of each word.
With hashcat you jwould have to create a combo dictionary of 2 then use that for your combo attack to get 4
(Dictionary1.txt is passwordlist.txt)
hashcat -a 1 --stdout dictionary1.txt dictionary1.txt > dictionary2.txt
Then use
hashcat -a 1 -m xxxx hashestocrack.txt dictionary2.txt dictionary2.txt
There is a hashcat prince engine that can attack with 4 of each combination. (See next post for help)
If you need 5 of each then use the prince engine. Or John's prince mode.
john --prince=dictionary1.txt --prince-elem-cnt-min=5 --prince-elem-cnt-max=5 --format=xxxx hashestocrack.txt
Also note that this mode can be very intensive. Depending on dictionary length.
If you have 10 words. That's 10^5 for 5 words. That's not bad. 100000 passwords will be done in a few seconds.
But if it's 50 words you can be looking at 312 million passwords. If it's ntlm that's 30 seconds max. But if it's bcrypt that could be a while. At 4-5k passwords a second. That's 60000 seconds or a 1000 mins or 17 hours