Cracking hashes with HashCat
Hashcat Is the fastest and most advanced password recovery utility supporting five unique attack modes for more than three hundred hashing algorithms.
Hashcat supports:
- Processors:
- CPU
- GPU
- Other hardware accelerators in:
- Linux
- Windows
- macOS
Hashcat also has tools to help enable distributed password cracking.
HashCat supports the following attack modes:
- Brute force
- Combinatorial attack
- Hybrid attack
- Mask Attack
- Permutation attack
- Rule Based Attack
- Table attack
- Case switch attack
Using this command, you can check all available parameters:
hashcat –h
Today we will be using dictionary attack mode.
Content:
- MD5 hashes
- Salted MD5 hashes
- MD5Crypt hash sums
- HMAC-SHA1 key
- SHA-1 hash sums
- SHA2 hashes – 384
- SHA3-512 hashes
- NTLM hashes
- CRC32 hashes
MD5 hashes
Make sure the input hashes are in a hashcat compatible format.
Example:
8743b52063cd84097a65d1633f5c74f5> hash.txt
Team:
hashcat -m 0 -a 0 hash.txt passwordlist.txt
Where:
- -m 0: MD5 hashing mode
- -a 0: dictionary attack mode
- hash.txt: a text file containing a hash in a compatible format
- passwordlist.txt: a dictionary file containing plain text passwords
Hacked hash:
8743b52063cd84097a65d1633f5c74f5 = hashcat
Salted MD5 hashes
Make sure the input hashes are in a hashcat compatible format.
Example:
md5 ($ pass. $ salt):
01dfae6e5d4d90d9892622325959afbe: 7050461> hash.txt
Team:
hashcat -m10 -a0 hash.txt passwordlist.txt
Where:
- -m 10: salted MD5 hashing mode
- -a 0: dictionary attack mode
- hash.txt: a text file containing a hash in a compatible format
- passwordlist.txt: a dictionary file containing plain text passwords
Hacked hash:
01dfae6e5d4d90d9892622325959afbe: 7050461 = hashcat
Hashes of MD5Crypt
Make sure the input hashes are in a hashcat compatible format.
Example:
md5crypt, MD5 (Unix), Cisco-IOS $ 1 $ (MD5)
$ 1 $ 28772684 $ iEwNOgGugqO9.bIz5sk8k /> hash.txt
Team:
hashcat -m 500 -a 0 hash.txt passwordlist.txt
Where:
- -m 500: hashing mode MD5Crypt Digests
- -a 0: dictionary attack mode
- hash.txt: a text file containing a hash in a compatible format
- passwordlist.txt: a dictionary file containing plain text passwords
Hacked hash:
1 $ 28772684 $ iEwNOgGugqO9.bIz5sk8k / = hashcat
HMAC-SHA1 key
Make sure the input hashes are in a hashcat compatible format.
Example:
HMAC-SHA1 (key = $ pass)
c898896f3f70f61bc3fb19bef222aa860e5ea717: 1234> hash.txt
Team:
hashcat -m150 -a 0 hash.txt passwordlist.txt
Where:
- -m 150: HMAC-SHA1 key hashing mode
- -a 0: dictionary attack mode
- hash.txt: a text file containing a hash in a compatible format
- passwordlist.txt: a dictionary file containing plain text passwords
Hacked hash:
c898896f3f70f61bc3fb19bef222aa860e5ea717: 1234 = hashcat
SHA-1 hash sums
Make sure the input hashes are in a hashcat compatible format.
Example:
b89eaac7e61417341b710b727768294d0e6a277b> hash.txt
Team:
hashcat -m100 -a 0 hash.txt passwordlist.txt
Where:
- -m 100: SHA1 hashing mode
- -a 0: dictionary attack mode
- hash.txt: a text file containing a hash in a compatible format
- passwordlist.txt: a dictionary file containing plain text passwords
Hacked hash:
b89eaac7e61417341b710b727768294d0e6a277b = hashcat
SHA2 hashes – 384
Make sure the input hashes are in a hashcat compatible format.
Example:
SHA2-384 07371af1ca1fca7c6941d2399f3610f1e392c56c6d73fddffe38f18c430a2817028dae1ef09ac683b62148a2c8757f42> hash.txt
Team:
hashcat -m 10800 -a 0 hash.txt passwordlist.txt
Where:
- -m 10800: SHA-2 hashing mode
- -a 0: dictionary attack mode
- hash.txt: a text file containing a hash in a compatible format
- passwordlist.txt: a dictionary file containing plain text passwords
Hacked hash:
07371af1ca1fca7c6941d2399f3610f1e392c56c6d73fddffe38f18c430a2817028dae1ef09ac683b62148a2c8757f42 = hashcat
SHA3-512 hashes
Make sure the input hashes are in a hashcat compatible format.
Example:
SHA3–512 7c2dc1d743735d4e069f3bda85b1b7e9172033dfdd8cd599ca094ef8570f3930c3f2c0b7afc8d6152ce4eaad6057a2ff22e71934b3a3dd0fah55a4fc>
Team:
hashcat -m 17600 -a 0 hash.txt passwordlist.txt
Where:
- -m 17600: SHA3-512 hashing mode
- -a 0: dictionary attack mode
- hash.txt: a text file containing a hash in a compatible format
- passwordlist.txt: a dictionary file containing plain text passwords
Hacked hash:
7c2dc1d743735d4e069f3bda85b1b7e9172033dfdd8cd599ca094ef8570f3930c3f2c0b7afc8d6152ce4eaad6057a2ff22e71934b3a3dd0fb55a7fc84h53144e
NTLM hashes
Make sure the input hashes are in a hashcat compatible format.
Example:
b4b9b02e6f09a9bd760f388b67351e2b> hash.txt
Team:
hashcat -m 1000 -a 0 hash.txt passwordlist.txt
Where:
- -m 1000: NTLM hashing mode
- -a 0: dictionary attack mode
- hash.txt: a text file containing a hash in a compatible format
- passwordlist.txt: a dictionary file containing plain text passwords
Hacked hash:
b4b9b02e6f09a9bd760f388b67351e2b = hashcat
CRC32 hashes
Make sure the input hashes are in a hashcat compatible format.
Example:
c762de4a: 00000000> hash.txt
Team:
hashcat -m 11500 -a 0 hash.txt passwordlist.txt
Where:
- -m 11500: CRC32 hashing mode
- -a 0: dictionary attack mode
- hash.txt: a text file containing a hash in a compatible format
- passwordlist.txt: a dictionary file containing plain text passwords
Hacked hash:
c762de4a: 00000000 = hashcat