A Mask-Attack using hashcat based on the rockyou leak

Go to file

Lukas Baumann e919273e95 Update README.md		2021-02-19 00:47:23 +01:00
.github/workflows	Create codeql-analysis.yml	2020-12-06 21:42:21 +01:00
LICENSE	Create LICENSE	2020-12-06 21:40:50 +01:00
mask.txt	Add files via upload	2020-08-04 13:38:35 +02:00
README.md	Update README.md	2021-02-19 00:47:23 +01:00
RockyouMask.py	Update RockyouMask.py	2020-09-21 14:23:18 +02:00

README.md

RockyouMask

A Mask-Attack using hashcat based on the rockyou leak

I've collected the most effective masks to use to crack passwords and put it all together so you have to do as little manual labor as possible to reach (sub) optimal results.
Suboptimal because knowing your target and using that information for a custom mask goes a lot further than even the best password cracking algotithm based on the average in the population

python:

Linux: sudo apt install python
Windows: https://www.microsoft.com/en-us/p/python-38/9mssztt1n39l?activetab=pivot:overviewtab

hashcat:

Linux: sudo apt-get install hashcat
Windows: https://hashcat.net/files/hashcat-5.1.0.7z

On Windows put your hashes in a text file (one hash per line) in the hashcat directory

On Linux put your hashes in a text file where you excecute the script

cracked hashes:

Linux: hashcat yourhashfilehere --show
Windows: in the commandline navigate to the hashcat directory - .\hashcat64.exe yourhashfilehere --show

Running a Radeon RX 570 this script can brute-force 70% of passwords in rockyou in about half a day, 60% in about half an hour