Hashcat supports masks in mode 3 (-a 3
), which defines a particular keyspace to search in by specifing the charset of each character in the password.
For example, the mask ?u?l?l?l?l?l?l?l?d
defines a keyspace where all passwords are of the form 1 uppercase followed by 7 lowercase followed by 1 digit, totalling to 9 characters. The mask can also include literal strings, e.g. Password?d?s
.
Mask syntax:
Custom Charset
You can define your own charset in the hashcat command and use it in the mask:
where -1 ?d?s
defines ?1
to be a custom charset
Multiple Masks
It is also possible to use multiple masks together to account for different possible lengths of the password. Simply save the masks in a file and replace the mask in the command with the filename.
For example:
where example.hcmask
contains:
Note that commas separate custom charsets and the actual mask at the end.