Cracking with hashcat - CraigDonkin/Infrastructure GitHub Wiki

https://hashcat.net/wiki/doku.php?id=hashcat

Attack modes

0 | straight
1 | Combination
3 | brute-force
6 | Hybrid wordlist + mask
7 | Hybrid mask + Wordlist
9 | Association

Dictionary attack

hashcat.exe -a 0 -m <code> <file with hashes> <wordlist file>

Rules

https://hashcat.net/wiki/doku.php?id=rule_based_attack

hashcat.exe -a 0 -m <code> <file with hashes> <wordlist file> -r <rules file>

Combination

https://hashcat.net/wiki/doku.php?id=combinator_attack

  • Combines entries from two dictionary into a single word

hashcat.exe -a 1 -m <code> <file with hashes> <wordlist1> <wordlist2>

  • To put a character between the two words use the -j $<character> option, to add something to the end of the two works use the -k $<something> option

hashcat.exe -a 1 -m <code> <file with hashes> <wordlist1> <wordlist2> -j $- -k $2020

Brute force with masks

https://hashcat.net/wiki/doku.php?id=mask_attack

  • To brute-force an 8 character password that starts with an upper case and ends in one number it would be ?u?l?l?l?l?l?l?d for the mask

hashcat.exe -a 3 -m <code> <file with hashes> ?u?l?l?l?l?l?l?d

  • To brute-force an 8 character password that contains a known string and you want it to end in a year (2024) for example:

hashcat.exe -a 3 -m <code> <file with hashes> Welcome?d?d?d?d

  • The built-in charsets are:
?l = abcdefghijklmnopqrstuvwxyz
?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ
?d = 0123456789
?h = 0123456789abcdef
?H = 0123456789ABCDEF
?s = «space»!"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
?a = ?l?u?d?s
?b = 0x00 - 0xff
  • If custom masks are used often, they can be stored in a hcmask file and then loaded by hashcat

hashcat.exe -a 3 -m <code> <file with hashes> <hcmask file>

Hybrid

https://hashcat.net/wiki/doku.php?id=hybrid_attack

  • Does a combination of wordlists, masks and combinator
hashcat.exe -a 6 -m <code> <file with hashes> <wordlist> <mask>
hashcat.exe -a 7 -m <code> <file with hashes> <mask> <wordlist>
  • To do a brute-force where you add 5 numbers to the end of something in a wordlist it would be:

hashcat.exe -a 6 -m <code> <file with hashes> <wordlist> ?d?d?d?d?d

  • To do a brute-force where you add 3 upper-case letters to the start of something in a wordlist it would be:

hashcat.exe -a 6 -m <code> <file with hashes> ?u?u?u <wordlist>

⚠️ **GitHub.com Fallback** ⚠️