Date: Sun, 28 Oct 2018 08:43:52 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: brute force unknown chars

On Sun, Oct 28, 2018 at 7:39 AM Powen Cheng <madtomic@...il.com> wrote:

> Hello,
>
> Can anyone please help me as I can't figure out if this is even possible?
>
> Example: I know the password begins with "Password" but is 12 characters
> long.
> So, I would need to brute force the last 4 char using thecustom.chr that I
> created.
>
> Can someone please help me with this?
>

A custom.chr file might be faster, but depending on the hash type (fast or slow) you could bruteforce 4 remaining chars very quickly with a mask, or even the external-mode "knownforce". I'd do the following:

    ./john -format=nt hash.txt -session=mask -mask=Password?a?a?a?a

(Assumes your hash type is NTLM aka -format=nt)

That will try all characters appended to the end of the word "Password". If the real password contains "?"s, escape them:

    -mask=asdf\?lkjh?a?a?a?a

https://github.com/magnumripper/JohnTheRipper/blob/bleeding-jumbo/doc/MASK

If you have more than one thread/CPU you may consider using Fork as well:

    ./john -format=nt hash.txt -session=mask -mask=Password?a?a?a?a -fork=4

That will spit the load out to 4 threads just in case your hash type is not benefiting from OMP.

https://openwall.info/wiki/john/parallelization

I think you can use your charset by adding a new rule like this to john.conf:

    [wordlist:append]
    :Az

and running a command like:

    ./john -stdout -i=thecustom.chr | ./john -pipe -format=nt -session=custom-in -rules=append -w=word.txt hash.txt

This will output your characters from your custom charset and pipe them into the next instance of john, and that instance is set to format NTLM, use the rule in john.conf, a wordlist containing the known part of the password, and then against the hash you have in hash.txt.

Check out some of the older questions on John's mailing list too:
https://www.google.com/search?q=site:openwall.com+add+characters+to+the+end+of+string&cad=h

-rich
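
The mask syntax used in the reply above, worked through as an added example (not part of the original message and not John the Ripper's own code): a small parser that handles the `\?` escape and computes how many candidates a mask such as `Password?a?a?a?a` covers. It assumes the ASCII sizes of the built-in placeholders (`?a` = 95 printable characters) and does not handle custom placeholders; the guess rates in the demo are constructed values, not benchmarks.

```python
import string
from math import prod

# Assumed ASCII contents of the built-in mask placeholders (see doc/MASK).
CLASSES = {
    "l": string.ascii_lowercase,
    "u": string.ascii_uppercase,
    "d": string.digits,
    "s": string.punctuation + " ",
}
CLASSES["a"] = CLASSES["l"] + CLASSES["u"] + CLASSES["d"] + CLASSES["s"]


def parse_mask(mask):
    """Return one string of allowed characters per password position."""
    positions = []
    i = 0
    while i < len(mask):
        ch = mask[i]
        if ch == "\\" and i + 1 < len(mask):
            # Escaped character, e.g. \? is a literal question mark.
            positions.append(mask[i + 1])
            i += 2
        elif ch == "?":
            key = mask[i + 1:i + 2]
            if key not in CLASSES:
                raise ValueError(f"unsupported placeholder at offset {i}: ?{key}")
            positions.append(CLASSES[key])
            i += 2
        else:
            positions.append(ch)  # literal character, one choice
            i += 1
    return positions


def keyspace(mask):
    """Number of candidates the mask generates."""
    return prod(len(p) for p in parse_mask(mask))


def seconds_to_exhaust(mask, guesses_per_second):
    return keyspace(mask) / guesses_per_second


if __name__ == "__main__":
    # Constructed guess rates, only to contrast a fast and a slow hash type.
    for label, rate in (("fast hash", 1e9), ("slow hash", 1e3)):
        for mask in ("Password?a?a?a?a", "?a" * 12):
            secs = seconds_to_exhaust(mask, rate)
            print(f"{label:9} {mask:24} {keyspace(mask):.3e} candidates, {secs:.3e} s")
```

Comparing the two masks in the output shows how much a known 8-character prefix shrinks the search, which is the same reasoning an auditor applies to passwords built on a predictable base word.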