Offline
Brute force on hashes.
Identify Hash
hashcat --identify <HASH>
hashid -m -j <HASH>
-m modes hashcat, -j format john
hash-identifier (inside type hash)
Cracking
hashcat -D <DEVICE> -m <TYPE> -a <ATTACKMODE> -r <RULE> <FILEtoCRACK> <WORDLIST/MASK>Device: 1=CPU, 2=GPU
AttackMode: 0=Wordlist, 3=BruteForce
Type: Wiki
Rule: Wiki
Mask: Wiki
To see the results after cracking a file:
hashcat -m <TYPE> <FILEtoCRACK> --showrm ~/.local/share/hashcat/hashcat.potfileVery useful Hashcat Utils.
john --format=<FORMAT> --wordlist=<WORDLIST> --rules=<RULES> <FILEtoCrack>Format: Wiki
john --list=formatsTo see the results after cracking a file:
john --show <FILEtoCRACK>Rule: Wiki
When your rule file is created then you have to add the name and append it to /etc/john/john.conf.
[List.Rules:<NAME_RULE>]
c $1 $3 $7 $!
c $1 $3 $7 $@
c $1 $3 $7 $#sudo sh -c 'cat <NAME_RULE> >> /etc/john/john.conf'When rules are written: if they are on the same line divided by space then they are applied together, if they are on separate lines then a new additional word is created.
rm ~/.john/john.potVery useful 2john.
ls /usr/share/john/
locate *2john*./zip2john --helpes. unshadow /etc/passwd /etc/shadow > unshadowfile
Other
On hidden image files covered by passphrase.
stegcracker <FILE> [<WORDLIST>]
Online Password Hash Cracker
A multithreaded brute-force tool to crack .aes files encrypted using the pyAesCrypt library
Last updated
Was this helpful?