Difficulties with the cat of hash
#1
Knee deep in pussy trying to figure this out huhuhuhuh

Right, so hello everyone. I've been sifting around the forum and I'm downloading the epubs. It's going to take a while though, and I'm going to be reading through all that. In the meanwhile though, I was hoping you could share some hashcat tips?

I've read the guide and the suggestions the other gentleman had (forgot his nick, can't switch right now), but I'm looking for something more. To assist you, allow me to explain.

My friend and I are playing a game, I'm going to try to penetrate his wifi and he's going to do the same to mine.

Knowing he had work the next day, I waited till around 4am and wifited his SSID and caught the cap. So I now have the hccapx converted and ready to attack it.

I've run multiple masks so far, but I'm not doing this right; my ETAs are still far too large. Prior was like 5 years, now it's like 5 days, but that doesn't mean it's going to find anything. Anyway, let's begin.

System specs:
i7-970, 32GB RAM, GTX680
Benchmark example: ?u?l?l?l?l?l?d?d?d = 59 days, 2 hrs

1. How do I know what HASH I'm dealing with? Everyone seems to assume -m 2500 with hashcat, but I don't think that's correct; there are plenty of other WPA modes like 2501, 28000 etc. if you look at the tables. How do I properly identify the hash? (HASHID seems more meant for MD5s and stuff.)

2. When converting the cap to hccapx, I noticed it said 'length = 9' in the string area. This is why I'm assuming a 9-character password, but I have a feeling I'm off base there.

3. I've run separate tests with the 139MB rockyou and BIGWPA, which is 1GB, and I'm thinking of attempting the weakpass 80GB. Thing is, using dictionaries naked or even with rules looks like it'll take a century. On the other hand, you're more likely to run into passwords people actually use. See, when I'm masking I make my own character sets and remove letters like Z and X and Q for the final digits, you know, stuff like that. But it's still not enough.

So to recap, the first concern is: have I properly identified the hash? Because if I'm trying -m 2500 and it's 28000 or something, then it will never find the password, correct?

Lastly, it seems like the solution to hashing is building yourself a datacenter, but I mean, that's insane. Although I suppose a hacker can get himself an Amazon account with cards, build a VPC, run the workload as fast as he can, then bail. That's quite a bill lol

So what's the catch here? I don't secretly have access to Area51. Dictionaries with rules will take too long because one way or another you're adding too many possibilities; with masking you're trying too many irrelevant possibilities. So where is the sweet spot on this graph?

Thank you, fellow anons :)