|
<< Click to Display Table of Contents >> Navigation: Password Recovery Basics > Recovering Strong Passwords > Mask Attack |
A Mask Attack can be used to speed-up the password search if certain characteristics of the password are known. A mask consist of constant and variable parts. In Elcomsoft mask engine one can use symbols, groups of symbols and dictionary words as variable parts of the mask. Variable parts of the mask always begin with the "?" character.
•?? - the '?' symbol itself
•?c - small Latin character (from 'a' to 'z')
•?C - large Latin character (from 'A' to 'Z')
•?$ - one of the special characters (small set): !@#$%^&*()-_+= and space
•?@ - one of the special characters (large/complete set): !\"#$%&'()*+,-./:;<=>?@[\]^_`{|}~ and space
•?# - any printable character with codes in the range of x20 to 0x7F
•?d - one digit (0 to 9)
•?w[dictionary_name.udic] - words from a dictionary
•?d(min-max) - a number from min to max
•?1..9(min-max) - min..max characters from the custom set, min >= 0
testmask
Only the constant part. This mask will try only one word:
testmask
test?d
The constant part is "test", the variable part is "?d". This mask will try the following passwords:
test0
test1
test2
...
test9
John?d(1-2)
Will try 1 to 2 digits after the constant part "John":
John0
John1
...
John9
John00
John01
...
John99
Eva?d(1970-2010)
Adds a year of birth at the end of the constant part "Eva":
Eva1970
Eva1971
Eva1972
...
Eva2010
John?w[last_names.udic]
Contents of the last_names.udic:
Smith
Doe
Woo
This mask will try dictionary words from the dictionary last_names.udic after the constant part "John":
JohnSmith
JohnDoe
JohnWoo