franx47

Using Hashcat to crack password hashes

Posted in Cracker Tool, Hacking, Security by franx47 on January 31, 2013

Today I think I'm full of spirit, lolz .. don't know why, I just want to spend all day long writing and sharing my knowledge on the blog. Yeah, maybe I just have a lot of free time. And now, it's already night in my place.

So, let us talk about hash cracking. I'm sure all of you who often deal with SQL injection or hacking are familiar enough with how to crack a password hash. Yes, there are a lot of websites which provide hash cracking for free, though some of them offer premium services.

Some popular websites for cracking password hashes, e.g.:

http://crackstation.net (my favourite site)
(Supports: LM, NTLM, md2, md4, md5, md5(md5), md5-half, sha1, sha1(sha1_bin()), sha224, sha256, sha384, sha512, ripeMD160, whirlpool, MySQL 4.1+)

http://www.onlinehashcrack.com

(Supports: MySQL323, LM, NTLM, MD5, SHA1, MYSQL5, OSX)

http://www.md5crack.com

(Supports: MD5)

and so on ..

The examples above are online, web-based services for cracking password hashes. But you might want to do the cracking yourself on your local computer.

For local hash cracking, there are many popular cracking tools you can install, for example: Cain & Abel, John the Ripper, Hashcat, etc.

In this tutorial, I would like to show you how to use Hashcat. Why Hashcat? Hashcat is the world's fastest CPU-based password recovery tool. It can be set to use the CPU or the GPU of your graphics card. Remember that the GPU on a graphics card is more powerful than the CPU. Also, it works really nicely and fast (depending on your CPU & GPU speed).

For more information about Hashcat, you can read its official website at this link:

http://hashcat.net/wiki

So, ready to install Hashcat?

1/ First, prepare the wordlist needed for dictionary-based cracking. Actually, a wordlist is optional, since you can use a pattern-based algorithm for the cracking process instead, but that will consume a lot of time.

- You can google around to find wordlists on the net. Get as many wordlists as you can. More wordlists means more chance to crack a hash successfully. Mine is a wordlist file of more than 10 GB.
- Save the wordlist file with the .dict file extension (not .txt).

2/ Download Hashcat. What we want to download and use later is Hashcat GUI. Since it's GUI-based, we will need 3 modules: hashcat, oclHashcat-plus, and oclHashcat-lite.

- Download hashcat-gui

http://hashcat.net/files/hashcat-gui-0.5.1.7z

- Download hashcat

http://hashcat.net/files/hashcat-0.42.7z

- Download oclHashcat-plus

http://hashcat.net/files/oclHashcat-plus-0.12.7z

- Download oclHashcat-lite

http://hashcat.net/files/oclHashcat-lite-0.13.7z

3/ Save those 4 files on your computer, then extract them one by one.

- After extracting the files, move the folders hashcat, oclHashcat-plus and oclHashcat-lite and place them under the hashcat-gui folder.

The directory tree looks like this:

--- hashcat-gui
-------- hashcat
-------- oclHashcat-plus
-------- oclHashcat-lite

4/ Go into the folder "hashcat-gui", then run the hashcat-gui32.exe file. There are 3 options: CPU only, NVIDIA (CUDA), or AMD (OpenCL). I'm using an Nvidia card, so I choose NVIDIA (CUDA). You can choose another option based on your hardware type.

- There will be 3 tabs: hashcat, cudaHashcat-plus, and cudaHashcat-lite.
- To crack a single hash, we can use cudaHashcat-plus or cudaHashcat-lite.
- To crack a hash file, we can use hashcat or cudaHashcat-plus.
- Cracking a single hash is as easy as you can see.
- To crack a hash file that contains more than 1 hash, we have to create a .hash file. Remember, the file has to have the .hash file extension.

After everything has been set up and understood well, now it's time to start cracking!

Again, the cracking time depends on your CPU & graphics processor (GPU) speed.
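Besides hardware speed, the cost of a wordlist run depends on how the passwords were stored. The following is an added example, not code from the original post or from the Hashcat project: a small password audit over constructed accounts that compares unsalted MD5 with per-account salted PBKDF2. The account names, passwords and wordlist are made up for the illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data: a tiny wordlist and three accounts.
WORDLIST = ["123456", "password", "letmein", "qwerty", "dragon"]
ACCOUNTS = {"alice": "letmein", "bob": "password", "carol": "T7#vq!9zLp"}


def md5_hex(text):
    return hashlib.md5(text.encode()).hexdigest()


def store_unsalted(accounts):
    """Weak storage: one fast, unsalted hash per password."""
    return {user: md5_hex(pw) for user, pw in accounts.items()}


def store_pbkdf2(accounts, iterations):
    """Stronger storage: random per-account salt plus an iterated KDF."""
    stored = {}
    for user, pw in accounts.items():
        salt = os.urandom(16)  # unique per account
        key = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, iterations)
        stored[user] = (salt, iterations, key)
    return stored


def audit_unsalted(stored, wordlist):
    """Hash each word once; the same table answers for every account."""
    table = {md5_hex(word): word for word in wordlist}
    return {user: table[h] for user, h in stored.items() if h in table}


def audit_pbkdf2(stored, wordlist):
    """Per-account salt: every (account, word) pair needs its own KDF run."""
    found, kdf_runs = {}, 0
    for user, (salt, iterations, key) in stored.items():
        for word in wordlist:
            kdf_runs += 1
            guess = hashlib.pbkdf2_hmac("sha256", word.encode(), salt, iterations)
            if hmac.compare_digest(guess, key):
                found[user] = word
                break
    return found, kdf_runs


if __name__ == "__main__":
    print(audit_unsalted(store_unsalted(ACCOUNTS), WORDLIST))
    print(audit_pbkdf2(store_pbkdf2(ACCOUNTS, 100_000), WORDLIST))
```

Both audits flag the same two wordlist passwords, but the salted store needs one full KDF run per account and candidate instead of one cheap hash per word, and the password that is not in the wordlist is not found either way.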

Enough for tonight, I'm tired and wanna go to bed. You need to sleep at night too, keep your body healthy. See you tomorrow. :D

3 Responses


  1. how to Hack Facebook account said, on November 9, 2013 at 8:53 AM

    Greetings from Florida! I'm bored to death at work so I decided to check out your blog on my iphone during lunch break. I enjoy the info you provide here and can't wait to take a look when I get home.

    I'm surprised at how quick your blog loaded on my mobile .. I'm not even using WIFI, just 3G .. Anyhow, awesome site!

  2. ben said, on January 11, 2014 at 6:16 PM

    I know this post is a year old, however I have recently gotten into using hashcat and can't find anywhere else to post my questions. I have hashcatolc, I completely understand how to use it and have an active dictionary of nearly a billion words. I taught myself how to extract WPA handshakes using BackTrack 5, but I have no idea what to do with the information. I don't understand hashes and how you know which hash to enter into hashcat depending on the password I'm attempting to recover. Can hashcat only crack encrypted files on your computer based on the hash that goes along with them? Or is there, say, a way to extract a hash from a webpage to attempt to crack that? I have no idea what I'm doing lol. I get the program, as the language in running it is simple enough, and I know how to crack a wireless network's password with an extracted WPA handshake. But I don't know what hashes to use with hashcat. If you actually get this and reply I would be beyond appreciative.

  3. franx47 said, on January 11, 2014 at 7:20 PM

    @ben:

    “Can hashcat only crack encrypted files on your computer based on the hash that goes along with them?”

    No. You need to choose manually which hash function you are gonna try to crack, e.g.: MD5, SHA1, SHA2, SHA-512, MySQL 64 bit, etc. Hashcat cannot automatically identify the hash format.

    So, first you should understand the hash format well. For example: MD5 is 32 hex numbers long, or 16 bytes (128 bits), while SHA1 is 40 hex numbers long.

    How do we identify the hash?

    If the password hash is 32 hex numbers long, then we may guess that the encryption used is MD5. But, in fact, it's not always MD5; it is perhaps an MD5 hash with salt. Again, we need to guess what kind of algorithm was used to build that MD5 hash + salt.

    If the password hash is 16 hex numbers long, then we may guess the encryption type is MySQL 64 bit.

    In Hashcat, there are many hash algorithm functions we can use, such as VBulletin hash, Joomla hash, Unix hash, etc.

    Talking about encryption algorithms, a web developer can build their own encryption method. For example, first he can encrypt the plain text password with MD5, then MD5 it again with a "salt" character.

    Another example: if you got a password from a Linux server as root, you may notice in /etc/shadow there will be something like $6$xxxx…, which means the password is encrypted with the SHA-512 algorithm. How to crack it? You should choose the SHA-512 function in Hashcat to crack it.
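The length and prefix rules from the reply above can be written as a small classifier. This is an added example, not code from the post or from Hashcat. It returns every algorithm consistent with a value's format, which makes the ambiguity visible: 32 hex digits match several algorithms, and the `$6$` prefix in /etc/shadow denotes sha512crypt, a salted and iterated scheme built on SHA-512. The `digest:salt` layout and all sample values are assumptions constructed for the illustration.

```python
import hashlib
import re

HEX = re.compile(r"[0-9a-fA-F]+")

# Hex length -> algorithms whose output has that length (not exhaustive).
BY_HEX_LENGTH = {
    16: ["MySQL323"],
    32: ["MD5", "MD4", "NTLM", "LM"],
    40: ["SHA-1", "RIPEMD-160"],
    56: ["SHA-224"],
    64: ["SHA-256"],
    96: ["SHA-384"],
    128: ["SHA-512", "Whirlpool"],
}

# crypt(3) identifiers seen in /etc/shadow fields such as $6$salt$hash.
CRYPT_IDS = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt",
             "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt"}


def candidates(value):
    """Return every algorithm consistent with the format of `value`."""
    value = value.strip()
    if value.startswith("$"):
        fields = value.split("$")
        scheme = fields[1] if len(fields) > 2 else ""
        return [CRYPT_IDS.get(scheme, "unrecognised crypt(3) scheme")]
    if len(value) == 41 and value[0] == "*" and HEX.fullmatch(value[1:]):
        return ["MySQL 4.1+"]
    digest, sep, _salt = value.partition(":")
    if not HEX.fullmatch(digest):
        return []
    names = BY_HEX_LENGTH.get(len(digest), [])
    if sep:  # "digest:salt" layout; how the salt is mixed in is unknown
        names = [f"salted {name} variant" for name in names]
    return names


if __name__ == "__main__":
    samples = [  # constructed inputs, generated here, not taken from any system
        hashlib.md5(b"example").hexdigest(),
        hashlib.sha1(b"example").hexdigest(),
        hashlib.md5(b"example" + b"Xy9k").hexdigest() + ":Xy9k",
        "$6$examplesalt$" + "x" * 86,
    ]
    for sample in samples:
        print(sample[:24] + "...", "->", candidates(sample))
```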

