## DEBUG / VERIFY MASK OUTPUT ``` hashcat -a 3 ?a?a?a?a --stdout john --mask=?a?a?a?a --stdout ``` ## HASHCAT MASK ATTACK CREATION ### Example usage: ``` hashcat -a 3 -m #type hash.txt <mask> ``` ### Brute-force all possible combinations 7 characters long: ``` hashcat -a 3 -m #type hash.txt ?a?a?a?a?a?a?a ``` ### Brute-force all possible combinations 1 - 7 characters long: ``` hashcat -a 3 -m #type hash.txt -i ?a?a?a?a?a?a?a ``` ### Brute-force uppercase first letter, 3 unknown middle characters, and ends in 2 digits (i.e. Passl2): ``` hashcat -a 3 -m #type hash.txt ?u?a?a?a?d?d ``` ### Brute-force known first half word “secret” and unknown ending: ``` hashcat -a 3 -m #type hash.txt secret?a?a?a?a ``` ### Hybrid mask (leftside) + wordlist (rightside) (i.e. 123!Password) ``` hashcat -a 7 -m #type hash.txt ?a?a?a?a dict.txt ``` ### Wordlist (leftside) + hybrid mask (rightside) (i.e. Passwordl23!) ``` hashcat -a 6 -m #type hash.txt dict.txt ?a?a?a?a ``` ## HASHCAT CUSTOM CHARSETS ### Four custom buffer charsets to create efficient targeted mask attacks defined as: ``` -1 -2 -3 -4 ``` ### Custom charset targeting passwords that only begin in a,A,b,B,or c,C , 4 unknown middle characters, and end with a digit (i.e. al7z#q7): ``` hashcat -a 3 -m #type hash.txt -1 abcABC ?l?a?a?a?a?d ``` ### Custom charset targeting passwords that only begin in uppercase or lowercase, 4 digits in the middle, and end in special character !,@,$ (i.e. W7462! or f1234$): ``` hashcat -a 3 -m #type hash.txt -1 ?u?l -2 !@$ ?l?d?d?d?d?2 ``` ### Using all four custom charsets at once (i.e. pow!12er): ``` hashcat -a 3 -m #type hash.txt -1 qwer -2 poiu -3 123456 -4 !@#$% ?2?2?1?4? 3?3? 1?1 ``` ## JOHN MASK ATTACK CREATION ### Example usage: ``` john --format=#type hash.txt --mask=<mask> ``` ### Brute-force all possible combinations up to 7 characters long: ``` john --format=#type hash.txt --mask=?a?a?a?a?a?a?a ``` ### Brute-force uppercase first letter, 3 unknown middle characters, and ends in 2 digits (i.e. Passl2): ``` john --format=#type hash.txt --mask=?u?a?a?a?d?d ``` ### Brute-force known first half word “secret” and unknown ending: ``` john --format=#type hash.txt --mask=secret?a?a?a?a ``` ### Mask (leftside) + wordlist (rightside) (i.e. 123!Password) ``` john --format=#type hash.txt --wordlist=dict.txt --mask=?a?a?a?a?w ``` ### Wordlist (leftside) + mask (rightside) (i.e. Password123!) ``` john --format=#type hash.txt --wordlist=dict.txt --mask=?w?a?a?a?a ``` ## JOHN CUSTOM CHARSETS ### Custom buffer charsets to create efficient targeted mask attacks defined as: ``` -1 -2 -3 -4 -5 -6 -7 -8 -9 ``` ### Custom charset targeting passwords that only begin in a,A,b,B,or c,C , 4 unknown middle characters, and end with a digit (i.e. a17z#q7): ```john --format=#type hash.txt -1=abcABC --mask=?l?a?a?a?a?d ``` ### Custom charset targeting passwords that only begin in uppercase or lowercase, 4 digits in the middle, and end in special character !,@,$ (i.e. W7462! or f1234$): ``` john --format=#type hash.txt -1=?u?l -2=!@$ --mask=?l?d?d?d?d?2 ``` ### Four custom charsets at once (i.e. pow!12er): ``` john --format=#type hash.txt -1=qwer -2=poiu -3=123456 -4=!@#$%, --mask=? 2?2?l?4? 3?3?1?1 ``` [[Home]]