Linux Tactic

Mastering Password Cracking with Hashcat: From MD5 to Brute Force

Introduction to Hashcat

Passwords are your first line of defense when it comes to keeping your online data safe and secure. But what happens when someone gains unauthorized access to your passwords?

That's where Hashcat comes in. Hashcat is a powerful password cracking tool that can help you recover lost or forgotten passwords from a variety of sources.

But what exactly is Hashcat, and how does it work?

Hashcat Functionalities

Hashcat is an open-source password cracking tool that can be used to recover lost or forgotten passwords. It supports a wide range of hash modes, attack types, charsets, and hardware devices, making it one of the most versatile password cracking tools on the market.

Hash Modes: Hash modes are different types of hashes used to secure passwords. Hashcat supports more than 300 hash modes, including MD5, SHA-1, and SHA-256.

Attack Types: Attack types are the methods used to crack passwords. Hashcat supports six attack types, including brute-force, combination, dictionary, hybrid, mask, and rule-based.

Charsets: Charsets dictate the characters that can be used in a password. Hashcat supports a wide range of charsets, including uppercase letters, lowercase letters, numbers, and special characters.

Hardware Device Selection: Hashcat can be run on a CPU or GPU, and it supports a wide range of hardware devices. Selecting the right hardware device can have a significant impact on Hashcat's performance.

Hashcat Attack Modes

Now that we've covered the basics of Hashcat, let's take a closer look at its attack modes. Hashcat supports six attack modes, each with its own strengths and weaknesses.

Brute-Force: Brute-force is the most basic type of attack and involves trying every possible combination of characters until the correct password is found. This is the slowest attack type but can be effective for short passwords.

Combination: Combination attacks involve combining and permuting words from a dictionary file. This is a faster attack type than brute-force and can be effective for longer passwords.

Dictionary: Dictionary attacks involve trying a list of words from a dictionary file. This is a faster attack type than brute-force and can be effective for passwords that use common words.

Hybrid: Hybrid attacks combine brute-force and dictionary attacks. This is a faster attack type than brute-force and can be effective for longer passwords.

Mask: Mask attacks involve guessing the password based on a known pattern. This is a faster attack type than brute-force and can be effective for passwords with predictable patterns.

Rule-Based: Rule-based attacks involve applying a set of predefined rules to a dictionary file. This is a faster attack type than brute-force and can be effective for passwords that use common patterns.

Hashcat Installation

Now that we've covered the basics of Hashcat, let's take a look at how to install it. Hashcat can be installed on Ubuntu using the following command:

sudo apt install hashcat

For other Linux distributions, Hashcat can be downloaded from the official website and extracted using the following command:

tar -xzf hashcat-5.1.0.tar.gz

Once Hashcat is installed, it's important to select the right hardware device based on your system's specifications. Hashcat can be run on a CPU or GPU, and selecting the right hardware can significantly impact its performance.

Conclusion

In conclusion, Hashcat is a powerful password cracking tool that can help you recover lost or forgotten passwords. It supports a wide range of hash modes, attack types, charsets, and hardware devices, making it one of the most versatile password cracking tools on the market.

The six attack modes included in Hashcat make it easier to recover passwords based on the type of password you are trying to crack. Hashcat can be installed on Ubuntu or other Linux distributions and selecting the right hardware for your system can significantly impact its performance.

So, if you need to recover lost or forgotten passwords, Hashcat is definitely worth checking out.

3) Dictionary Attack Example – Breaking an MD5 hash using a dictionary attack

MD5 is a commonly used hash function that is often used to store passwords in databases. However, MD5 has known weaknesses that leave it open to cracking using brute-force or dictionary attacks.

In this section, we'll look at how to break an MD5 hash using a dictionary attack. A dictionary attack is a type of password cracking attack that involves trying a list of words from a dictionary file.

The idea behind a dictionary attack is that since many people use common words as passwords, a dictionary file can be an effective way to crack passwords. To perform a dictionary attack, we need a hashlist and a wordlist.

The hashlist is the file that contains the hashed password we want to crack, while the wordlist contains the words we want to use to crack the password. To demonstrate how to break an MD5 hash using a dictionary attack, we'll use the following MD5 hash:

5f4dcc3b5aa765d61d8327deb882cf99

This is the MD5 hash for the password "password". We'll use this hash and try to crack it using a dictionary attack.

First, we need a wordlist. There are many wordlists available online that can be used for cracking passwords.

For our example, we'll use the rockyou.txt wordlist, which is one of the most popular wordlists used for password cracking. This wordlist contains over 14 million passwords.

Next, we need to create a hashlist file that contains the hash we want to crack. We can create a new file called hashlist.txt and add the MD5 hash we want to crack to it.

5f4dcc3b5aa765d61d8327deb882cf99

Once we have our wordlist and hashlist file, we can use Hashcat to crack the password. We'll use the following command to start the dictionary attack:

hashcat -a 0 -m 0 hashlist.txt rockyou.txt

In this command, -a 0 tells Hashcat to use a dictionary attack, -m 0 tells Hashcat to use the MD5 hash mode, hashlist.txt is the file that contains the hash we want to crack, and rockyou.txt is the dictionary file we want to use.

After running the command, Hashcat will start trying every word in the rockyou.txt wordlist to find a match for the MD5 hash we want to crack. Depending on the speed of your hardware and the complexity of the password, this process could take anywhere from a few seconds to several hours.

If Hashcat finds a match, it will print the password to the screen. Hashcat also keeps a record of the passwords it has cracked in a file called Potfile.

This file is important because it prevents Hashcat from cracking the same password twice. Once a password has been cracked, it is added to the Potfile, and Hashcat will skip it if it comes across it again.

4) SHA1 Hash Example – Breaking a SHA1 hash using a dictionary attack

Like MD5, SHA1 is another hash function that is widely used for password storage. However, SHA1 also has known weaknesses that leave it open to cracking using brute-force or dictionary attacks.

In this section, we'll look at how to break a SHA1 hash using a dictionary attack. To demonstrate how to break a SHA1 hash using a dictionary attack, we'll use the following SHA1 hash:

5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8

This is the SHA1 hash for the password "password". We'll use this hash and try to crack it using a dictionary attack.

Just like with the MD5 example, we'll need a wordlist and a hashlist to perform the dictionary attack. For this example, we'll use the rockyou.txt wordlist and create a hashlist file that contains the SHA1 hash we want to crack.

5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8

Once we have our wordlist and hashlist file, we can use Hashcat to crack the password. We'll use the following command to start the dictionary attack:

hashcat -a 0 -m 100 hashlist.txt rockyou.txt

In this command, -a 0 tells Hashcat to use a dictionary attack, -m 100 tells Hashcat to use the SHA1 hash mode, hashlist.txt is the file that contains the hash we want to crack, and rockyou.txt is the dictionary file we want to use.

After running the command, Hashcat will start trying every word in the rockyou.txt wordlist to find a match for the SHA1 hash we want to crack. Just like with the MD5 example, this process could take anywhere from a few seconds to several hours.

If Hashcat finds a match, it will print the password to the screen. In conclusion, dictionary attacks can be an effective way to crack passwords that have been hashed using vulnerable hash functions like MD5 and SHA1.

By using a wordlist and Hashcat, we can quickly and easily crack passwords that would otherwise be difficult or impossible to guess. It's important to note that while dictionary attacks can be effective, they should only be used for ethical purposes, and never for malicious purposes.
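The following added example (not code from the original article) shows, for both the MD5 and SHA1 sections above, why an unsalted digest of a common password falls to a wordlist lookup, and how a salted, iterated hash changes that. The user names, the short wordlist, the helper names and the PBKDF2 parameters are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

# Hex-digest length -> algorithm (hashcat modes 0, 100 and 1400 on this page).
ALGO_BY_LEN = {32: "md5", 40: "sha1", 64: "sha256"}

# Constructed sample data: a tiny stand-in for rockyou.txt and a user table.
WORDLIST = ["123456", "letmein", "password", "qwerty"]
STORED = {
    "alice": "5f4dcc3b5aa765d61d8327deb882cf99",          # MD5 from the article
    "bob": "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8",    # SHA1 from the article
    "carol": hashlib.sha256(b"T7#vq!x9Lm2$").hexdigest(),  # not in the wordlist
}


def audit_unsalted(stored, wordlist):
    """Return {user: word} for every stored digest that matches a wordlist entry."""
    # Without a salt, one precomputed table per algorithm serves every
    # account at once; this is what makes the dictionary attack cheap.
    tables = {
        algo: {hashlib.new(algo, w.encode()).hexdigest(): w for w in wordlist}
        for algo in set(ALGO_BY_LEN.values())
    }
    found = {}
    for user, digest in stored.items():
        algo = ALGO_BY_LEN.get(len(digest))
        if algo and digest.lower() in tables[algo]:
            found[user] = tables[algo][digest.lower()]
    return found


def hash_salted(password, salt=None, rounds=200_000):
    """Store a password as (salt, rounds, PBKDF2-HMAC-SHA256 digest)."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return salt, rounds, dk


def verify_salted(password, record):
    """Recompute with the record's own salt and compare in constant time."""
    salt, rounds, dk = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return hmac.compare_digest(candidate, dk)


if __name__ == "__main__":
    print(audit_unsalted(STORED, WORDLIST))
```

Two salted records of the same password produce different digests, so a single precomputed table no longer covers the whole user table, and every guess costs the full iteration count.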

5) Brute Force Attack Example – Breaking a numerical password using brute force attack with Hashcat charset

A brute force attack is a password cracking method that involves guessing every possible combination of characters until the correct password is found. While this can be a time-consuming process, it can be effective for cracking passwords that are not complex or are relatively short.

In this section, we'll look at how to break a numerical password using a brute-force attack with Hashcat charset. In this example, we'll assume that we have a four-digit numerical password that we want to crack.

The password can contain any number from 0000 to 9999, for a total of 10,000 possible combinations. We'll use Hashcat's custom charset feature to perform the brute force attack.

Hashcat's custom charset feature allows us to specify the characters that can be used in a password. Since we know that the password we're trying to crack is a four-digit numerical password, we can create a custom charset that only contains the numbers 0-9.

We can do this by creating a new file called numeric.charset and adding the following to it:

0123456789

Next, we need to create a hashlist file that contains the password we want to crack. We can create a new file called hashlist.txt and add the hashed password to it.

Since we don't have a hashed password, we'll create one using the following command:

echo -n '1234' | sha256sum | cut -d' ' -f1 > hashlist.txt

This will create a SHA256 hash for the password 1234. Once we have our custom charset and hashlist file, we can use Hashcat to perform the brute force attack.

We'll use the following command:

hashcat -a 3 -m 1400 -1 numeric.charset hashlist.txt '?1?1?1?1'

In this command, -a 3 tells Hashcat to use a brute force attack, -m 1400 tells Hashcat to use the SHA256 hash mode, -1 numeric.charset loads the custom charset we want to use, hashlist.txt is the file that contains the hash we want to crack, and the mask ?1?1?1?1 describes four positions, each drawn from that custom charset. After running the command, Hashcat will start trying every possible combination of four-digit numbers using the custom charset we specified.

This will take some time, as there are 10,000 possible combinations. However, since numerical passwords are generally easier to crack, this brute force attack should not take too much time.

If Hashcat finds a match, it will print the password to the screen. In this case, we know that the password is 1234, so if Hashcat successfully cracks the password, it will print 1234 to the screen.

In conclusion, brute force attacks can be an effective way to crack numerical passwords that are not complex or relatively short. By using Hashcat's custom charset feature, we can specify the characters that can be used in the password and speed up the brute force attack process.
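The 10,000-combination figure above generalizes to any charset and length. This added example (not from the original article) parses hashcat-style masks, where ?l, ?u, ?d, ?s and ?a are the built-in charsets and ?1 to ?4 are user-defined, and computes how many candidates a mask covers. The function names and the guess rate passed to worst_case_seconds are assumptions, and custom charsets are taken as literal characters, as in numeric.charset.

```python
import string
from math import prod

# Built-in mask charsets; ?1 to ?4 are user-defined (hashcat's -1 to -4).
BUILTIN = {
    "l": string.ascii_lowercase,
    "u": string.ascii_uppercase,
    "d": string.digits,
    "s": " " + string.punctuation,
}
BUILTIN["a"] = "".join(BUILTIN[k] for k in "luds")

NUMERIC = {"1": "0123456789"}  # contents of numeric.charset from the article


def parse_mask(mask, custom=None):
    """Return one set of allowed characters per password position."""
    charsets = {**BUILTIN, **(custom or {})}
    positions, i = [], 0
    while i < len(mask):
        if mask[i] != "?":
            positions.append({mask[i]})          # literal character
            i += 1
            continue
        key = mask[i + 1:i + 2]
        if key == "?":
            positions.append({"?"})              # "??" is a literal '?'
        elif key in charsets:
            positions.append(set(charsets[key]))
        else:
            raise ValueError(f"undefined charset in mask: ?{key}")
        i += 2
    return positions


def keyspace(mask, custom=None):
    """Number of candidates the mask generates."""
    return prod(len(p) for p in parse_mask(mask, custom))


def covers(mask, password, custom=None):
    """True if the password is one of the mask's candidates."""
    positions = parse_mask(mask, custom)
    return len(password) == len(positions) and all(
        c in p for c, p in zip(password, positions))


def worst_case_seconds(mask, guesses_per_second, custom=None):
    """Time to try every candidate at an assumed guess rate."""
    return keyspace(mask, custom) / guesses_per_second
```

Comparing keyspace("?1?1?1?1", NUMERIC) with keyspace("?a" * 8) shows how much length and charset size add to the work an exhaustive search has to do.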

It's important to note that brute force attacks should only be used for ethical purposes and never for malicious purposes. In conclusion, Hashcat is a powerful password cracking tool that offers a variety of functionalities and attack modes to help recover lost or forgotten passwords.

With its support for a wide range of hash modes, attack types, and charsets, Hashcat provides versatility in cracking passwords. Whether using a dictionary attack to crack MD5 or SHA1 hashes, or employing a brute force attack with a custom charset for numerical passwords, Hashcat offers effective methods for password recovery.

It is important to remember that these techniques should be used ethically and responsibly. By understanding the capabilities of password cracking tools like Hashcat, users can better protect their online security and understand the importance of strong and complex passwords.
