Hashcat is famous as the fastest password cracker and password recovery utility. Hashcat is designed to break or crack even the most complex passwords in a very less amount of time.
Features of hashcat:
- The 90+ Algorithm can be implemented with performance and optimization in mind.
- The number of threads can be configured.
- Hashcat is a multi-algorithm based ( MD5, MD4, MySQL, SHA1, NTLM, DCC, etc.).
- All attacks can be extended by specialized rules.
- It is multi-hash and multi-OS based (Windows and Linux).
- It supports both hex-charset and hex-salt files.
Installation: Usually Hashcat tool comes pre-installed with Kali Linux but if we need to install it write down the given command in the terminal.
sudo apt-get install hashcat
Now, you can find the hashcat Tool in Password Cracking Tools :
We are going to perform Dictionary Attack to crack Password in this article.
1. Creating Hash Entries
These entries will then be outputted to a file called “Dictionary_hashes”.
- -n: This option removes the new line added to the end of entries as we don’t want the newline characters to be hashed with our entries.
- tr -d: This option removes any characters that are a space or hyphen from the output.
2. Checking the stored Hashes
We can check the stored hashes with the help of the below command :
Some password hashes that can be cracked with hashcat can be seen below :
3. Choose the wordlists
We are going to use the “rockyou” wordlist.
4. Cracking the Hashes
Now we can crack the hashes that we stored in Dictionary_hashes.txt and we will store the result in the Done.txt file.
Now we can see the results stored in the Done.txt file by the below command: