How to set Hashcat mask to run Exclusive password cracking

2025-09-03 16:32:33

45990405******2017 passwords, how to run with hashcat, *all of them are numeric

To crack a password like ***45990405******2017, assuming * represents an unknown number and the password is all numbers, you can use Hashcat's mask attack. Here are the steps:

1. Determine the password structure

The password structure is:

• The first 3 digits are unknown numbers (***)

• The middle part is a known 45990405

• The last 6 digits are unknown numbers (******)

• The last 4 digits are known for 2017

Therefore, the total password length is 3 + 8 + 6 + 4 = 21 bits.

2. Use mask attacks

Hashcat's mask attack can crack passwords by specifying known and unknown parts. Suppose the known part is fixed and the unknown part is represented by ?d for the number.

The mask format is:

text

?d?d?d45990405?d?d?d?d?d?d2017

3. Run Hashcat

Assuming you have a hash file hashes.txt ready, you can use the following command:

bash

hashcat -m <hash_type> -a 3 hashes.txt ?d?d?d45990405?d?d?d?d?d?d2017

Thereinto:

• -m <hash_type>: Specify the hash type, e.g. 0 for MD5 and 100 for SHA1, and replace it according to the actual situation.

• -A 3: Specify the mask attack mode.

• hashes.txt: A file that contains the target hash.

• ?d?d?d45990405?d?d?d?d2017: Mask mode.

4. Optimize attacks

If the password is long, it may take longer to crack. It can be optimized by:

• GPU Acceleration: Ensure that Hashcat runs on GPUs.

• Dictionary attack: If there is a dictionary with a partial password, it can be combined with a dictionary attack.

• Distributed cracking: Using multiple machines to crack in parallel.

5. Sample commands

Assuming the hash type is MD5, the command is as follows:

bash

hashcat -m 0 -a 3 hashes.txt ?d?d?d45990405?d?d?d?d?d?d2017

summary

Through mask attacks, Hashcat can efficiently crack this partially known digital password. Make sure to choose the appropriate hash type and hardware resources for faster cracking.