Toggle search
Toggle menu
6
11
66
Brunnerne
Toggle preferences menu
Toggle personal menu
Not logged in
Your IP address will be publicly visible if you make any edits.

Hashcat

From Brunnerne
More actions
Revision as of 18:11, 2 May 2025 by The.mikkel (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Hashcat

Hashcat is a powerful password recovery tool, known for being one of the fastest based on its highly optimized kernel code that can leverage GPUs and other hardware accelerators. It supports a vast number of hash types and attack modes, making it a versatile tool for cracking.

Hashcat is frequently used in CTFs for cracking challenges where performance is key, such as:

  • Cracking various password hashes much faster than CPU-only tools.
  • Performing brute-force, dictionary, combination, and other advanced attacks on hashes.
  • Leveraging graphics cards (Nvidia, AMD, Intel) for significant speed improvements.

Basic Usage Examples

Cracking Hashes with a Wordlist

To crack hashes stored in a file named hashes.txt using a wordlist rockyou.txt. You first need to know the hash type. You can find a list of hash modes in Hashcat's documentation or by running `hashcat --help`. For example, if the hashes are MD5, the mode is `0`: 

hashcat -m 0 hashes.txt /path/to/your/wordlist.txt

Replace `0` with the appropriate mode number for your specific hash type.

Hashcat will start the cracking process. You can check the status and see cracked hashes while it's running. To view the cracked passwords after the process is complete or stopped: 

hashcat -m 0 --show hashes.txt

Specifying Attack Mode

The default attack mode is straight (wordlist), which is `-a 0`. Other common modes include brute-force (`-a 3`) using masks: 

hashcat -m 0 -a 3 hashes.txt ?l?d?u

This example attempts to crack MD5 hashes using a mask that includes lowercase letters (`?l`), digits (`?d`), and uppercase letters (`?u`).

Hashcat's power comes from selecting the correct hash mode (`-m`), attack mode (`-a`), and providing appropriate input (wordlists, masks, rule files).

Wordlists

Wordlists are crucial for dictionary attacks, which are often the most effective way to crack common passwords. A good wordlist contains lists of common passwords, leaked passwords, or relevant terms.

In environments like Kali Linux, common wordlists, including the large `rockyou.txt` (often compressed), can be found. You might need to locate or decompress them first. A general command to find wordlist directories in Kali is similar to the one used for John the Ripper: 

wordlists

The popular `rockyou.txt` file is often located in `/usr/share/wordlists/` and might need to be decompressed: 

gunzip /usr/share/wordlists/rockyou.txt.gz

Using the correct path to your chosen wordlist with the `-w` or `--wordlist` option (or just specifying the path after the hash file in the standard straight attack mode) is essential for effective wordlist attacks with Hashcat.

Retrieved from "https://wiki.brunnerne.dk/index.php?title=Hashcat&oldid=53"