World's fastest and most advanced password recovery utility
GitHub - hashcat/hashcat
Find hash-type (for -m
option)
hashcat --example-hashes
or example_hashes
-> search for start of hash (e.g. $7z
)
Execute hashcat
hashcat -m 5600 <hashes-file> <wordlist-file>
Using rule to increase coverage, e.g. OneRuleToRuleThemAll.rule
hashcat -m 1000 hashes.txt rockyou.txt -r OneRuleToRuleThemAll.rule
NTLM
hashcat -m 1000 'abd3b436b51404eeaad3c435b51404ee:b84242f37e45371aff235a6ebcac4ffe' rockyou.txt
mscash
hashcat -m 2100 '$DCC2$10240#administrator#65481e9a192e14343eb382574678c93c' rockyou.txt
Built-in charsets
?l = abcdefghijklmnopqrstuvwxyz
?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ
?d = 0123456789
?h = 0123456789abcdef
?H = 0123456789ABCDEF
?s = «space»!"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
?a = ?l?u?d?s
?b = 0x00 - 0xff
Example #1
hashcat -a 3 -m 1000 hashes.txt -1 2?l?d2 "?1?1?1?1?1?1?1"
Example #2
hashcat -a 3 -m 1000 hashes.txt --increment -1 "?l?u" -2 "?s?d" "?1?l?l?l?l?l?2?2"