There is also a GPU version (oclhashcat), but I am on my notebook so I have to use the CPU only version, which - of course - is much slower.
Download the latest hashcat version here: https://hashcat.net/hashcat/
Download a wordlist: https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm
Create a MD5 hash: E.g.: 'hello'
echo -n "hello" | md5sum 5d41402abc4b2a76b9719d911017c592
Next, extract the hashcat archive and create a .txt file with the md5 hash(es) within the folder. Also, save the wordlist in the hashcat folder.
Start hashcat. Dictionary based attack.
Command:
./hashcat-cli64.bin -n 2 -m 0 -a 8 test.txt realhuman_phill.txt
-n, --threads=NUM Number of threads
-m, --hash-type=NUM Hash-type
-a, --attack-mode=NUM Attack-mode
--> use ./hashcat-cli64.bin -h to display all available options.
test.txt is the file with the md5 hash(es) and realhuman_phill.txt is the wordlist.
Wait...
hashcat will create a filed named hashcat.pot which contains successfully cracked hashes. You can display its contents with cat:
user@user:~/Desktop/hashcat-0.50$ cat '/home/user/Desktop/hashcat-0.50/hashcat.pot' 5d41402abc4b2a76b9719d911017c592:hello
There you go: hello.
Brute-force
If you want to read about brute-force (masked) attack have a look here: http://www.unix-ninja.com/p/Exploiting_masks_in_Hashcat_for_fun_and_profit/
Quick example of a brute-force attack for the md5 hash 'cat': 5d41402abc4b2a76b9719d911017c592
./hashcat-cli64.bin -n 2 -m 0 -a 3 test.txt ?a?a?a
?a?a?a specifies to go through all character combinations exactly 3 characters long. ?l?l?l would be lower-case only:
?l = abcdefghijklmnopqrstuvwxyz
?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ
?d = 0123456789
?s = !"#$%&'()*+,-./:;<=>?@[]^_`{|}~
?a = ?l?u?d?s
Thanks for this helpful tip! I bet many of us who have been knocking ourselves out with this can get great benefit from this. Many thanks once again
ReplyDelete