Hashcat is a program used to crack password hashes against a list of passwords. Hashcat comes pre-loaded in kali, but can also be downloaded on Windows as well.
Setting up hashcat
In order to use hashcat, you need a hash you want to crack as well as a wordlist to test the hash against. For the lab this week, we had a sha512 hash from mediawiki and used the rockyou.txt wordlist to put our hash up against. Once hashcat is installed, there are certain parameters in you need to fill out in order to start cracking. Below is the command that was used in the lab to crack the hash.
The first parameter, -m, is the mode that hashcat is using. The mode determines the format that the hash should be set up in the text file. The second parameter, -a, determines the attack method. 0 is the code for dictionary attack, which is the most common. Next, we input the location of our hash file and then the location of our wordlist to test against. Once this is all set, we can start cracking and wait for hashcat to find the match.
