Search This Blog

Friday, June 1, 2012

Hash Cracking tutorial with HashCat

HashCat is a tool for cracking various types of hash. This tool can do more than one Hash cracking, which means we can put some hashes into a file.txt and it crack the hashes simultaneously. we can do offline cracking hashes (it means we don`t need an Internet connection that uses the hash databases that have been cracked before).

the hash algorithm supported by this tool include:
* MD5
* Md5 ($ pass. $ Salt)
* Md5 ($ salt. $ Pass)
* Md5 (md5 ($ pass))
* Md5 (md5 (md5 ($ pass)))
* Md5 (md5 ($ pass). $ Salt)
* Md5 (md5 ($ salt). $ Pass)
* Md5 ($ salt.md5 ($ pass))
* Md5 ($ salt. $ Pass. $ Salt)
* Md5 (md5 ($ salt). Md5 ($ pass))
* Md5 (md5 ($ pass). Md5 ($ salt))
* Md5 ($ salt.md5 ($ salt. $ Pass))
* Md5 ($ salt.md5 ($ pass. $ Salt))
* Md5 ($ username.0. $ Pass)
* Md5 (strtoupper (md5 ($ pass)))
* SHA1
* Sha1 ($ pass. $ Salt)
* Sha1 ($ salt. $ Pass)
* Sha1 (sha1 ($ pass))
* Sha1 (sha1 (sha1 ($ pass)))
* Sha1 (strtolower ($ username). $ Pass)
* MySQL
* MySQL4.1/MySQL5
* MD5 (WordPress)
* MD5 (PHPbb3)
* MD5 (Unix)
* SHA-1 (Base64)
* SSHA-1 (Base64)
* SHA-1 (Django)
* MD4
* NTLM
* Domain Cached credentials
* MD5 (CHAP)
* MSSQL

Attack Mode supported in this tool:
* Straight *
* Combination *
* Toggle-Case *
* Brute-Force
* Permutation

First, create a file with notepad:
[1] C:\temp\hash.txt and
[2] C:\ temp\results.txt ago
open the C:\ temp\hash.txt and fill with Hash you want to crack. picture as below:
DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm
For C:\temp\results.txt , do nothing and let it blank because the cracked hashes will be saved in here.

Run Hashcrack. and follow the steps below:

In this tutorial, the author uses brute-force mode, cracking technique with a combination of characters. Notice the image below:
DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm

[-] In Hashfile column, click the folder icon (browse for hashfile) and open the C: \ temp \ hash.txt that you have previously made.
[-] In Brute force column, select mode and select the type of hash (we are trying to crack MD5 here)
[-] In the Password length, insert 1-14 (u may put about 20 oto 30) the longer the password length, the longer the cracking process.
[-] In bruteforce charset settings, you can fill with the desired character. eg abcdefghijklmnopqrstuvwxy z1234567890 or abcdefghijklmnopqrstuvwxy z1234567890 !@#$%^&*()_+
[-] In OUTFILE column, put a tick and specify the path in C:\temp\results.txt that you have previously made.
[-] Checklist OUTFILE Monitor and click I want to catch a Hash ..

Wait for the process of cracking (this tool directly run a CLI mode)
DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm

you will find the results of the hash that has been successful on crack.
DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm
download hashcat from here

Add To Google BookmarksStumble ThisFav This With TechnoratiAdd To Del.icio.usDigg ThisAdd To RedditTwit ThisAdd To FacebookAdd To Yahoo

0 comments:

Post a Comment