©2019 Security Unleashed | New Delhi

  • Animesh Gupta

Cracking Passwords Using HASHCAT


Lets Begin the journey of Cracking Passwords…..


Download Hashcat:


Download the latest Hashcat on your Linux distribution (My Distribution is Ubuntu) from the Hashcat website.


$ wget https://hashcat.net/files/hashcat-2.00.7z

To extract the archive, you need to have 7zip utility installed. If you don’t have it on your system, install it:

Redhat/Centos/Fedora
$ yum install p7zip

In case, if yum install didn’t work for you, then you need to setup YUM repository that contains p7zip package.

Ubuntu/Debian
$ apt-get install p7zip


Unpack:


Extract the archive using the installed 7zip utility

Redhat/Centos/Fedora
$ 7za x hashcat-2.00.7z
Ubuntu/Debian
$ p7zip -d hashcat-2.00.7z

Now change to the Hashcat directory:


$ cd hashcat-2.00

You can see the binary executable as shown below:


$ ls -l hashcat-cli*.bin

In latest version of HashCat 3.6.0


The binary file is named as hashcat64.bin if it is 64bit and hashcat32.bin if it is 32bit

Based on your Hardware & OS installation, choose either 32bit or 64 bit binary. You can find out using the command:


$uname -a
 Linux ubuntu 3.13.0-65-generic #106-Ubuntu SMP Fri Oct 2 22:08:27 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

Since my OS is 64 bit, I would use Hashcat  binary compiled on 64bit (hashcat-cli64.bin). Just to make our lives easier, lets copy the binary to the standard binary locations like : /usr/bin/


$ cp hashcat-cli64.bin /usr/bin/

Link to a shorter form :


ln -s /usr/bin/hashcat-cli64.bin /usr/bin/hashcat

Great! From now on you can use the command hashcat whenever you want to use Hashcat as shown below:


$ hashcat --help

Exited to start it, then first thing is to jump to examples directory to see how does the password cracking works:


$ ls examples/

The examples are arranged based on Attack Mode (A) and the hash type (M). Lets try the simple cracking of MD5 hash type using dictionary attack mode. Pass the Hash file and the corresponding password dictionary file as arguments to the executable hashcat as shown below:


$ hashcat A0.M0.hash A0.M0.word
 Initializing hashcat v2.00 with 2 threads and 32mb segment-size...
Added hashes from file A0.M0.hash: 102 (1 salts)
b19cdd8f0b55cb888c97ec77ab1ad402:rQ-Vv2&kog_p+CMyI;/VFDD.|MQe0/eV6bi9i^"yWP('iT
 73ff3971460e3d4490049086207e4a1e:$<-+1Jz?dPL)[;)mg<so'R 5Ri0':.m^Rfv?,x[G
 7718d0884dcdd356c77de6ff4c0ad58e:>RHc
 :::::::::::::::::::::::::::::
 :::::::::::::::::::::::::::::
 All hashes have been recovered
Input.Mode: Dict (A0.M0.word)
 Index.....: 1/1 (segment), 102 (words), 2769 (bytes)
 Recovered.: 102/102 hashes, 1/1 salts
 Speed/sec.: - plains, 101 words
 Progress..: 102/102 (100.00%)
 Running...: 00:00:00:01
 Estimated.: --:--:--:--
Started: Wed Dec 16 04:41:18 2015
 Stopped: Wed Dec 16 04:41:20 2015

The above execution could successfully recover 102 hashes! Fantastic isn’t it? Of course, cracking hashes on the real world won’t be this simple, but this is of a great first step.


1 view