Hashcat guide for beginners

Hashcat is the most popular password cracker and is designed to crack even the most complex password.

 

Passwords are mainly protected with hash functions such as MD5, SHA, WHIRLPOOL, RipeMD, NTLMv1, NTLMv2 and so on. A hash function is a one-way function: a mathematical function that is easy to compute but very difficult to reverse.

Hashing converts readable data into a scrambled state. Unlike standard encryption protocols, hashes do not allow anyone to decrypt the data with a specific key. Hashcat uses dictionaries, rainbow tables, and even brute-force approaches to find an effective and efficient way to crack passwords.

This article provides an introductory tutorial on breaking passwords using Hashcat software.

How to break hashes

The simplest way to crack a hashed password is to first try to guess the password. Each guess is hashed and then compared to the actual hash value to see if it matches, but this process can take a long time.

Dictionary attacks and brute-force attacks are the most common ways of guessing passwords. These techniques use a file that contains words, phrases, common passwords, and other strings that may have been used as a password.

It should be noted that there is no guaranteed way to prevent dictionary attacks or brute-force attacks.

Other approaches used to crack passwords:

  • Lookup tables: Hashes are pre-computed from a dictionary and then stored in a table along with the corresponding password.
  • Reverse lookup tables: This attack allows an attacker to apply a dictionary or a brute-force attack to multiple hashes at once.
  • Rainbow tables: Rainbow tables are a time-memory trade-off technique. They are similar to lookup tables, except they sacrifice hash-cracking speed to make the lookup tables smaller.
  • Hashing with salt: With this technique, hashes are randomized by appending or prepending a random string, called a "salt", to the password before hashing.
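The lookup-table and salt bullets above, shown side by side as an added example (not code from the original article): a pre-computed table recovers every unsalted MD5 hash it covers, while per-user random salts with PBKDF2 make the same table useless. The function names, the iteration count and the sample data are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data: some of the passwords hashed in this guide's lab.
WORDLIST = ["Password", "HELLO", "MYSECRET", "Test1234", "P455w0rd"]

def md5_hex(password: str) -> str:
    """Unsalted MD5, as stored in the lab's target_hashes.txt."""
    return hashlib.md5(password.encode()).hexdigest()

def build_lookup_table(words):
    """Pre-compute hash -> password once; reusable against any unsalted hash."""
    return {md5_hex(w): w for w in words}

def table_hits(table, stored_hashes):
    """Return the passwords a pre-computed table recovers from stored hashes."""
    return [table[h] for h in stored_hashes if h in table]

def salted_record(password: str, iterations: int = 100_000):
    """Store (salt, iterations, digest) using PBKDF2-HMAC-SHA256 and a random salt."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest

def verify(password: str, record) -> bool:
    """Recompute the digest with the stored salt; compare in constant time."""
    salt, iterations, digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, digest)

if __name__ == "__main__":
    table = build_lookup_table(WORDLIST)
    # Two constructed users who picked the same password.
    unsalted = [md5_hex("P455w0rd"), md5_hex("P455w0rd")]
    salted = [salted_record("P455w0rd"), salted_record("P455w0rd")]
    print("unsalted hashes identical:", unsalted[0] == unsalted[1])
    print("table hits on unsalted:", table_hits(table, unsalted))
    print("salted digests identical:", salted[0][2] == salted[1][2])
    print("table hits on salted:", table_hits(table, [r[2].hex() for r in salted]))
    print("correct password still verifies:", verify("P455w0rd", salted[0]))
```

A salt defeats pre-computation and hash sharing between users; a weak password can still be guessed one hash at a time, which is why the slow key-derivation function matters as well.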

Hashcat passwords

You can download Hashcat here. It can be used on Kali Linux, where it comes pre-installed. It has the following features:

  • It is multi-threaded
  • It is multi-hash and multi-OS (Linux, Windows and OSX)
  • It supports many algorithms (MD4, MD5, SHA1, DCC, NTLM, MySQL, etc.)
  • All attack modes can be extended with specialized rules
  • Sessions can be resumed or limited automatically, and recovered hashes are recognized from the file at startup
  • It can load a salt list from an external file. This can be used as a brute-force attack variant
  • The number of threads can be adjusted and executed based on the lowest priority
  • It supports hex-charset and hex-salt
  • 90+ algorithms are implemented with performance and optimization in mind

A small lab setup showing how to crack a password is presented in the next section. A dictionary attack will be simulated against a set of MD5 hashes that were created and saved to a file. The "rockyou" wordlist found in Kali Linux was used.

How to crack a password through a dictionary attack

1. Create a dictionary with MD5 hashes

To start this demo, we will create several hash entries.

They will then be written to a file called "target_hashes.txt". Each command must be executed in the terminal, as shown below:

echo -n "Password" | md5sum | tr -d " -" >> target_hashes.txt
echo -n "HELLO" | md5sum | tr -d " -" >> target_hashes.txt
echo -n "MYSECRET" | md5sum | tr -d " -" >> target_hashes.txt
echo -n "Test1234" | md5sum | tr -d " -" >> target_hashes.txt
echo -n "P455w0rd" | md5sum | tr -d " -" >> target_hashes.txt
echo -n "GuessMe" | md5sum | tr -d " -" >> target_hashes.txt
echo -n "S3CuReP455Word" | md5sum | tr -d " -" >> target_hashes.txt

 

The -n option removes the newline that echo would otherwise add after "Password". This is important because we do not want a newline character to be hashed together with our password. The tr -d " -" part removes any spaces and hyphens from the md5sum output.

2. Check the password hashes

To do this, we need to type the following command line in the terminal:

cat target_hashes.txt

The output is shown below:

root@kali:~/# cat target_hashes.txt
dc647eb65e6711e155375218212b3964
eb61eead90e3b899c6bcbe27ac581660
958152288f2d2303ae045cffc43a02cd
2c9341ca4cf3d87b9e4eb905d6a3ec45
75b71aa6842e450f12aca00fdf54c51d
031cbcccd3ba6bd4d1556330995b8d08
b5af0b804ff7238bce48adef1e0c213f

3. Start Hashcat on Kali Linux

Hashcat can be started on Kali with the following command line: hashcat -h

This is shown in the following screenshot:

Some of the most important options of hashcat are -m (the hash type) and -a (the attack mode). In general, we need both options in most attempts to crack a password.

Hashcat also has specific rules for use with a wordlist file. The character set can be customized to crack passwords.

Finally, Hashcat supports many hash types that can be cracked. This is shown in the image below:

4. Select the word list

Kali Linux has many built-in word lists. To find them, use the following command line:

locate wordlists

This is shown in the image below:

The "rockyou" word list is now in use, as shown below:

root@kali:~/Desktop# locate rockyou.txt
/usr/share/wordlists/rockyou.txt

5. Breaking the hashes

In the final step, we can begin to crack the hashes contained in the file target_hashes.txt. We will use the following command line:

root@kali:~/Desktop# hashcat -m 0 -a 0 -o cracked.txt target_hashes.txt /usr/share/wordlists/rockyou.txt

  • -m 0 specifies the type of hash we will crack (MD5)
  • -a 0 defines a dictionary attack
  • -o cracked.txt is the output file for the cracked passwords
  • target_hashes.txt is the hash input file
  • /usr/share/wordlists/rockyou.txt is the absolute path to the wordlist file for this dictionary attack

6. Results

root@kali:~/Desktop# cat cracked.txt
dc647eb65e6711e155375218212b3964:Password
75b71aa6842e450f12aca00fdf54c51d:P455w0rd
2c9341ca4cf3d87b9e4eb905d6a3ec45:Test1234
958152288f2d2303ae045cffc43a02cd:MYSECRET

These passwords are weak and do not take much effort or time to crack. It is important to note that the simpler the password, the easier it will be to detect.

So, make your password long and complicated. Avoid using blatant personal information. Never reuse passwords.
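For a password audit, the outfile from step 6 can be checked against the target list before it is reported. The following is an added example, not part of the original article: it parses "hash:plain" lines, re-hashes every recovered plaintext with MD5, and lists the targets that were not recovered. The function names are hypothetical and the sample input is constructed from the lab passwords in step 1.

```python
import hashlib

def md5_hex(s: str) -> str:
    return hashlib.md5(s.encode()).hexdigest()

# Constructed sample input: the seven lab passwords hashed as in step 1, and an
# outfile in "hash:plain" layout holding the four results shown in step 6.
LAB_PASSWORDS = ["Password", "HELLO", "MYSECRET", "Test1234",
                 "P455w0rd", "GuessMe", "S3CuReP455Word"]
TARGETS = [md5_hex(p) for p in LAB_PASSWORDS]
OUTFILE = "\n".join(f"{md5_hex(p)}:{p}"
                    for p in ["Password", "P455w0rd", "Test1234", "MYSECRET"])

def parse_outfile(text):
    """Yield (hash, plaintext) pairs. Split on the first ':' only, because a
    recovered password may itself contain colons."""
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        digest, sep, plain = line.partition(":")
        if not sep:
            raise ValueError(f"line {lineno}: expected hash:plain")
        yield digest.strip().lower(), plain

def audit(targets, outfile_text):
    """Re-hash each recovered plaintext and sort the results into verified,
    mismatched (plaintext does not hash to a listed target) and uncracked."""
    wanted = {t.lower() for t in targets}
    verified, mismatched = {}, []
    for digest, plain in parse_outfile(outfile_text):
        if digest in wanted and md5_hex(plain) == digest:
            verified[digest] = plain
        else:
            mismatched.append((digest, plain))
    uncracked = [t for t in targets if t.lower() not in verified]
    return {"verified": verified, "mismatched": mismatched, "uncracked": uncracked}

if __name__ == "__main__":
    report = audit(TARGETS, OUTFILE)
    print(f"{len(report['verified'])} of {len(TARGETS)} hashes recovered and verified")
    for digest in report["uncracked"]:
        print("not recovered:", digest)
```

A plaintext whose letter case was altered in transcription lands in the mismatched list, because MD5 of the altered string no longer equals the target hash.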

In addition, there are some GUIs that make hashcat easy to use. Hashview is one of these projects. It is a tool for security professionals to help organize and automate repetitive password-breaking projects. It is a web application that manages Hashcat commands.

 

 


Written by Anastasis Vasileiadis
