Please note, this is a STATIC archive of website hashcat.net from October 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

Full Version: Missing characters from hashcat brute-force?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
hello,

is there any possibility there are missing characters from the implemented brute force attack of hashcat?

So in my case looking for MD5, which is 8 charcaters long.
hashcat64 --force -D 1,2,3, -m 0 -O -i --increment-min=8 --increment-max=8 --hwmon-disable -a 3 -o X:\md5.cracked X:\md5.crack

Session..........: hashcat
Status...........: Exhausted
Hash.Name........: MD5
Hash.Target......: 397e531bf3da8e8ef982103c29XXXXXX
Time.Started.....: Tue May 26 18:56:59 2020 (5 mins, 17 secs)
Time.Estimated...: Tue May 26 19:02:16 2020 (0 secs)
Guess.Mask.......: ?1?2?2?2?2?2?2?3 [8]
Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 17589.5 MH/s (1.78ms) @ Accel:1024 Loops:256 Thr:32 Vec:4
Speed.#2.........:  545.0 MH/s (10.98ms) @ Accel:256 Loops:64 Thr:16 Vec:4
Speed.#*.........: 18134.5 MH/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 5533380698112/5533380698112 (100.00%)
Rejected.........: 0/5533380698112 (0.00%)
Restore.Point....: 68734368/68864256 (99.81%)
Restore.Sub.#1...: Salt:0 Amplifier:80128-80352 Iteration:0-256
Restore.Sub.#2...: Salt:0 Amplifier:80320-80352 Iteration:0-64
Candidates.#1....: v7qex2v$ -> Xqxqxqg$
Candidates.#2....: 7z7dvo6$ -> Xqxq76z$

So you will think okay the PW is not 8 characters right? Then I went to https://www.onlinehashcrack.com/ and they cracked it. And yes it is 8 character. How is this possible?

When the brute force option doesn't cover all possible characters, then is it possible to use an option which uses it?

Or in this case I should use something like:
hashcat64 --force -D 1,2,3, -m 0 -O -i --increment-min=8 --increment-max=8 --hwmon-disable -a 3 -o X:\md5.cracked X:\md5.crack (somewhere I need to specify  ?s?s?s?s?s?s?s?s   ??? )
trying....:

hashcat64 --force -D 1,2,3, -m 0 -O -i --increment-min=8 --increment-max=8 --hwmon-disable -a 3 -o X:\md5.cracked X:\md5.crack ?a?a?a?a?a?a?a?a
Yes, the default incremental mode is not a full brute force, but rather one that is optimized for likely candidates without being exhaustive:

Guess.Mask.......: ?1?2?2?2?2?2?2?3 [8]
Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined