Password cracking using Hashcat (Part1)

 

Let's talk about the best password cracker of all time

(At least best known in PUBLIC up to now! 😂🐈‍⬛)

 

What is Hashcat?

 

Hashcat is a password recovery tool, or more specifically a password cracker. It was created to crack even the most complex passwords and to attack them from several angles at once. According to online sources including Infosec Institute, it is also regarded as highly versatile and fast compared with other password-cracking tools, which makes it especially threatening.

It had a proprietary code base until 2015, but is now released as open source software. Versions are available for Linux, OS X, and Windows. Examples of hashcat-supported hashing algorithms are Microsoft LM hashes, MD4, MD5, SHA-family, Unix Crypt formats, MySQL, Cisco PIX, and many more!

 

 

What is the difference between AIRCRACK-NG and HASHCAT?

Hashcat is a tool that can use graphics cards to brute-force a password hash instead of using your CPU, which is shitty when it comes to speed. It is fast and extremely flexible, and the author built it in a way that allows distributed cracking. aircrack-ng can only work with a dictionary, which severely limits its functionality, while oclHashcat also has a rule-based engine.

Before we go on, I just want to mention that in some cases you need to use a wordlist, which is a text file containing a collection of possible passwords for use in a dictionary attack.

 

 

You also need to install or update the GPU driver on your machine before doing the actual cracking work.

 

 

Let's set up our lab:

 

If you are doing this on Windows, to perform a GPU-based brute force you'll need:

  • Hashcat binaries

  • HashcatGUI

Then follow these steps:

  • Download Hashcat at: https://hashcat.net/hashcat/

  • Go to the directory where you downloaded it and unzip it. On a Windows or Linux machine you can use 7-Zip; on OS X you should use The Unarchiver.

  • Open CMD or Terminal and navigate to the folder that you unzipped.

  • Run the executable by typing hashcat32.exe or hashcat64.exe, depending on whether your computer is 32-bit or 64-bit.

 
 
Crack WPA2 password
 

Open cmd and change to the Hashcat directory, copy the .hccapx file and the wordlists into it, and type:

 

cudaHashcat64.exe -m 2500 pheniix-AP15.hccapx mywordlist.txt secondwordlist.txt

 

I have an Nvidia GPU, so I used the cudaHashcat command, followed by 64 because I am using the 64-bit version of Windows 10. Yours will depend on the graphics card you are using and your Windows version (32/64).

 

cudaHashcat64.exe = The program. In the same folder there is a cudaHashcat32.exe for 32-bit operating systems, and cudaHashcat32.bin / cudaHashcat64.bin for Linux. Use oclHashcat*.exe for AMD graphics cards.

 

-m 2500 = The specific hash type. 2500 means WPA/WPA2.

 

If you forget the WPA2 code for Hashcat, you can use --help to see the entire manual.

 

Windows CMD: cudaHashcat64.exe --help | find "WPA"

Linux Terminal: cudaHashcat64.bin --help | grep "WPA"

It will show you the lines containing "WPA" and the corresponding code.

 

pheniix-AP15.hccapx = The converted *.cap file.

mywordlist.txt secondwordlist.txt = The wordlists. You can add as many wordlists as you want. To keep things simple, save every wordlist you make in the cudaHashcat folder.

Then press Enter and wait until it is finished!

 

Warning: It can sometimes take days, weeks, or even months if you have a monster-sized wordlist, and the password will be cracked only if it is included in that giant file! So it is better to do research and enough social engineering before playing with this tool!

 

You can pass multiple wordlists at once, and Hashcat will keep testing the next wordlist until the password is matched.
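The warning above cuts both ways: a wordlist run only succeeds when the passphrase, or a simple rule-based variation of a listed word, is in the file. The following Python sketch is an added example, not code from the original post or from Hashcat; it audits your own Wi-Fi passphrase against wordlists. The function names, the sample wordlist contents, and the single "strip trailing digits and symbols" reduction are assumptions made for illustration and do not reproduce Hashcat's rule engine.

```python
import re
import tempfile
from pathlib import Path

def base_forms(passphrase):
    """Reduce a passphrase to the words simple mangling rules would start from."""
    lowered = passphrase.lower()
    stripped = re.sub(r"[\d\W_]+$", "", lowered)  # drop trailing digits/symbols
    return {passphrase, lowered, stripped} - {""}

def audit_passphrase(passphrase, wordlist_paths):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    # WPA2-PSK passphrases are 8 to 63 printable ASCII characters.
    if not (8 <= len(passphrase) <= 63):
        findings.append("length outside the WPA2 passphrase range of 8-63")
    forms = base_forms(passphrase)
    for path in wordlist_paths:
        name = Path(path).name
        # Stream line by line: real wordlists can be many gigabytes.
        with open(path, encoding="utf-8", errors="ignore") as fh:
            for lineno, line in enumerate(fh, 1):
                word = line.rstrip("\r\n")
                if word == passphrase:
                    findings.append(f"exact match in {name}:{lineno}")
                elif word.lower() in forms:
                    findings.append(f"rule-reachable from {name}:{lineno} ({word!r})")
    return findings

def demo():
    # Constructed sample wordlist, not data from the article.
    with tempfile.TemporaryDirectory() as tmp:
        wl = Path(tmp) / "mywordlist.txt"
        wl.write_text("letmein\nsunshine\nWinter2019\n", encoding="utf-8")
        return {
            "Winter2019": audit_passphrase("Winter2019", [wl]),
            "Sunshine!23": audit_passphrase("Sunshine!23", [wl]),
            "plum-Radio-41-quartz": audit_passphrase("plum-Radio-41-quartz", [wl]),
        }

if __name__ == "__main__":
    for pw, result in demo().items():
        print(pw, "->", result or "no findings")
```

An empty result only means the passphrase is not in the lists you checked; a long, random passphrase remains the actual mitigation.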

 

 

 

 

 
