Create a wordlist using hashcat?

passwords cracking hashcat
Christian Papathanasiou picture Christian Papathanasiou · Nov 5, 2017 · Viewed 10.8k times · Source

Hashcat doesn't support the target application I'm trying to crack, but I'm wondering whether the mask function can be 'fed' the list of passwords and parsed through the rockyou rule to generate an effective wordlist for me?

If so, how can this be done as the documentation leaves lots to be desired.. !

Many thanks

Answer

Christian Papathanasiou picture Christian Papathanasiou · Nov 6, 2017

I used HashCatRulesEngine:

https://github.com/llamasoft/HashcatRulesEngine

You can chain all the HashCat rules together, it then union selects them, weeds out any duplicates and takes as input your sample password file.

It then generates all possible permutations.

For instance: 

echo "password">foo

./hcre /Users/chris/Downloads/hashcat-4.0.0/rules/Incisive-leetspeak.rule /Users/chris/Downloads/hashcat-4.0.0/rules/InsidePro-HashManager.rule /Users/chris/Downloads/hashcat-4.0.0/rules/InsidePro-PasswordsPro.rule /Users/chris/Downloads/hashcat-4.0.0/rules/T0XlC-insert_00-99_1950-2050_toprules_0_F.rule /Users/chris/Downloads/hashcat-4.0.0/rules/T0XlC-insert_space_and_special_0_F.rule /Users/chris/Downloads/hashcat-4.0.0/rules/T0XlC-insert_top_100_passwords_1_G.rule /Users/chris/Downloads/hashcat-4.0.0/rules/T0XlC.rule /Users/chris/Downloads/hashcat-4.0.0/rules/T0XlCv1.rule /Users/chris/Downloads/hashcat-4.0.0/rules/best64.rule /Users/chris/Downloads/hashcat-4.0.0/rules/combinator.rule /Users/chris/Downloads/hashcat-4.0.0/rules/d3ad0ne.rule /Users/chris/Downloads/hashcat-4.0.0/rules/dive.rule /Users/chris/Downloads/hashcat-4.0.0/rules/generated.rule /Users/chris/Downloads/hashcat-4.0.0/rules/generated2.rule /Users/chris/Downloads/hashcat-4.0.0/rules/hybrid /Users/chris/Downloads/hashcat-4.0.0/rules/leetspeak.rule /Users/chris/Downloads/hashcat-4.0.0/rules/oscommerce.rule /Users/chris/Downloads/hashcat-4.0.0/rules/rockyou-30000.rule /Users/chris/Downloads/hashcat-4.0.0/rules/specific.rule /Users/chris/Downloads/hashcat-4.0.0/rules/toggles1.rule /Users/chris/Downloads/hashcat-4.0.0/rules/toggles2.rule /Users/chris/Downloads/hashcat-4.0.0/rules/toggles3.rule /Users/chris/Downloads/hashcat-4.0.0/rules/toggles4.rule /Users/chris/Downloads/hashcat-4.0.0/rules/toggles5.rule /Users/chris/Downloads/hashcat-4.0.0/rules/unix-ninja-leetspeak.rule < foo >passwordsx

1 password the word "password" was permutated a total of:

bash-3.2# wc -l passwordsx
  227235 passwordsx
bash-3.2#

Times meaning that each word you feed into this generates 227235 possible combinations roughly giving you full coverage..

Related questions

How to create a Bruteforce password cracker for alphabetical and alphanumerical passwords?

I need to make small programs for school to brute force crack different types of passwords; I'm looking to create a brute force python code that will run through every possible combination of alphabetical and alphanumerical passwords and give me …

Read More
About how fast can you brute force PBKDF2?

After the linkedin password hash leak, I've been looking at our password hashing. We using Django 1.4 which uses PBKDF2, which is great and a step up from the previous SHA1. However I'm curious how easily one could brute force that. …

Read More
Best loop for cracking passwords

I am creating a program that I will use to help my customers recover passwords placed on office documents like word and excel. The program works just fine but it is MUCH slower than similar products that you can download …

Read More