How to: use mask attack in hashcat

Подписаться 10 тыс.

Просмотров 33 тыс.

50% 1

In this video I go through the uses of masks and the steps you need to follow i order to use a mask in hashcat... and no not a face mask.
This is for educational purposes only and is only to be used on computers that you own or have permission to test.
Intro: (0:00)
Install Hashcat: (0:07)
Run Hashcat: (1:45)
First mask: (4:13)
Second mask: (5:12)
Potfile: (6:46)
Third mask: (6:55)
Use cases: (7:11)
Outro: (8:28)

Наука

Опубликовано:

29 июн 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 86

@kristoffseisler2163 3 года назад

a lot better explained than what is on their website to read

@doggo7567 3 года назад

Thank you! You are awesome!

@gouravsuram 2 года назад

THANKS bro this video really helped me !!

@graiglarsen3196 3 года назад

Great lesson here. Thank you

@Zeath22 2 года назад

WHAT AN AMAZING VIDEO! TYSM!

@PentestsandTech 2 года назад

Glad you liked it!!

@voidisnotcold5351 Год назад

good stuff man 👍

@Daniel-jz5yp 2 года назад

can I use this on my notes app on Mac? I’ve been locked out and there is no other way to get in.

@TariqDaCoder 2 года назад

how can I make a use hashcat to bruteforce a password made of lowercase and numbers mixed, length of 14? there isnt a charset for lowercase a to z and numbers :(

@AlEbnereza 3 года назад

H/h is for Hex characters.

@MohsinRaza-tv9zk Год назад

How to to use this method for RAR3 hash, whenever i run it comes back exhaustes.

@Stonesword_ 2 года назад

Hey, ik im really late, but how am I meant to know what characters are lowercase, which ones are uppercase, and specials? Im trying a vulnerable system I downloaded and I have the hash

@MrRaja 9 месяцев назад

Hey there ik I'm also late, but the charset is something like this: ?l = abcdefghijklmnopqrstuvwxyz ?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ ?d = 0123456789 ?h = 0123456789abcdef ?H = 0123456789ABCDEF ?s = «space»!"#$%&'()*+,-./:;?@[\]^_`{|}~ ?a = ?l?u?d?s ?b = 0x00 - 0xff l for lowercase alphabet u for uppercase alphabet And some others.

@adalbertosanchez418 3 года назад

I have a local D: Drive that is encrypted. I don't know the recovery key, and when I use John I get, VMK encrypted with Startup Key...not supported! Any suggestions?

@PentestsandTech 3 года назад

if it says TPM, then there's no practical way to decrypt it.

@raydenburger4563 3 года назад

is there a way to try digits and lowercase at the same time in position n?

@PentestsandTech 3 года назад

yes, read this: hashcat.net/wiki/doku.php?id=mask_attack

@JadenWong Год назад

Thank you, I was able to get back my win10 local password with custom charset and increments! Hail Kali bootable USB!!

@kievcalungsod9434 2 года назад

Why is that when I enter help, it doesn't give anything?

@Mightymiko_ 3 года назад

When I am in the CMD and running the 'Hashcat.exe -h' command it's saying permission denied. Then I tried opening the CMD as Admin, but it's saying the command wasn't recognized. Any idea on what I'm doing wrong?

@PentestsandTech 3 года назад

make sure you're in the hashcat folder, also .exe is no longer required

@traida111 2 года назад

cd c:\path\to\hashcat\

@bretzt 3 года назад

Using this for My Ether Wallet. Any recommendations regarding process?

@PentestsandTech 3 года назад

I have no experience with that sorry

@ennateume5385 2 года назад

where can I get maskhashes.txt?

@samuraib0b 3 года назад

Boss man what if the password is only digits but you do not know how many digits ? Is there a way to write a mask rule to assist the brute force go through only 1 digit to let’s say 12 or 16 digits ?

@PentestsandTech 3 года назад

Twelve or sixteen digits would take a very long time depending on the hash type, but you can use -increment-min=12 and then have your mask be 16 digits.

@CrIsPyTaCo03 2 года назад

how can i mask characters at the end of the password, i dont even know how long the password is or what.

@enesenes1238 5 месяцев назад

I am using 2022 version and when i wrote beginning codes "hashcat.exe -h" it says Access denied. Could you help me

@PentestsandTech 5 месяцев назад

I believe they changed the syntax, now you just type “hashcat -h”

@user-pr3sv3bl9e 3 года назад

Is there any way to crack 12 digits.. If i know the sequence of it? A, A+1, A+2? Each A = 3digits

@PentestsandTech 3 года назад

12 digits is going to take a very long time, I’m not sure how you would explain your formula to hashcat, you may have to make a wordlist with another tool and then use that wordlist in hashcat.

@MrRaja 9 месяцев назад

So if I get this right. I know I'm late. You want to get for example 456 and then 4561 and then 4562…4563 and so on? If you know anyone the pattern of the digits especially if it is in blocks of 3 you can specify it with ?4?5?6?d I'm guess.

@mohammadshafiqurrahman4870 3 года назад

can i make my own char set and apply that in mask?

@PentestsandTech 3 года назад

You can. Hashcat has an article on that on their website. Go check it out.

@brandonwilson4817 3 года назад

I need to know what type of hash mode to use for an atomic wallet.

@PentestsandTech 3 года назад

I've never heard of that sorry.

@bfbs34 2 года назад

can you use multiple masks at once?

@PentestsandTech 2 года назад

Explain the question a lil more

@jeetchheda8916 3 года назад

Please tell me there could be a way to find out the Password Length of a Wpa Password from its Captured Handshake file🥺🥺

@MrRaja 9 месяцев назад

This is for future commenters and viewers and maybe you: The only way to find out the length is brute forcing from the start. That is phase one you do that from 6-8 length. All in all combinations will be tested up to 8 in like 7 minutes with a GPU. You will then be forced to use wordlist starting from 9 and up. Otherwise you'll be at it for months if not years brute forcing it.

@nanorobledo8786 3 года назад

Could you pleaaaaaaaaaase help me with a pdf protected with password? Please im dying to get to it

@brandonwilson4817 3 года назад

I am getting this error message even though I just installed CUDA 9.0. Can you help me fix this because I'm needing to use hash cat to recover lots of bitcoin. ATTENTION! No OpenCL-compatible or CUDA-compatible platform found. You are probably missing the OpenCL or CUDA runtime installation. * AMD GPUs on Windows require this driver: "AMD Radeon Adrenalin 2020 Edition" (20.2.2 or later) * Intel CPUs require this runtime: "OpenCL Runtime for Intel Core and Intel Xeon Processors" (16.1.1 or later) * NVIDIA GPUs require this runtime and/or driver (both): "NVIDIA Driver" (440.64 or later) "CUDA Toolkit" (9.0 or later)

@brandonwilson4817 3 года назад

actually fixed this. now I just have this error after running it: Hash 'maskhashes.txt': Token length exception No hashes loaded. I believe I need to know how you made the maskhashes file or what you did there.

@PentestsandTech 3 года назад

inside of maskhashes I have the password hashes that I want to crack, token length exception usually means you're not telling hashcat the correct hashtype. What kind of password are you trying to crack?

@brandonwilson4817 3 года назад

@@PentestsandTech @Pentests and Tech I am trying to crack my password for atomic wallet app that has lots of bitcoin in it. I'm not sure what I set the password to...the password I usually is didn't work and this seemed to happen after I updated the app. It gives a message that using the seed phrase to recover the wallet will delete the existing one but I don't have the seed phrase wrote down either. I just need to be able to crack what it is that I made the password before.

@brandonwilson4817 3 года назад

@@PentestsandTech I created the maskhashes.txt file and put it in the hashcat 6.1 folder like you did and just put in some words on different lines that would potentially be the password. I could use some help getting this cracked and if u help me i'll send you some bitcoin.

@brandonwilson4817 3 года назад

@@PentestsandTech so can you tell me what charset I should use to brute force my wallet password?. i'm not exactly sure what type of wallet type atomic wallet is to be honest....need to find out.

@doggo7567 3 года назад

does it work with bitlocker recovery key?

@PentestsandTech 3 года назад

You could use it that way, putting dashes in between the number sets.