Cracking Hashed Passwords

[1.555]

You need to know what hash type it is first.  Without knowing what hash type it is you're never going to crack it.

Its SHA1 salted

Good luck with that.  You're 8 chars short of anything SHA1.

[1.555]

Oh, and SHA-1 only consists of 0-9 + A-F.  Do some more research before claiming stupid shit.

[396]

Oh, and SHA-1 only consists of 0-9 + A-F.  Do some more research before claiming stupid shit.

fc4a097c97dfff368ee4967731d144b6b8f336ed

[1.555]

Oh, and SHA-1 only consists of 0-9 + A-F.  Do some more research before claiming stupid shit.

fc4a097c97dfff368ee4967731d144b6b8f336ed

Your basic wordlist attack -  where it will iterate through every line in a dictionary file, calculate the hash and compare against your input. You can reference hashcat.net wiki or helpfile for substituting hash types (parameter m).  

Code:

# if it's plain sha-1:
hashcat -m 100 -a 0 -o cracked_hashes_out.txt 'fc4a097c97dfff368ee4967731d144b6b8f336ed' /path/to/your/dictionary.txt

# if it's salted sha-1(hash:salt):
hashcat -m 110 -a 0 -o cracked_hashes_out.txt 'fc4a097c97dfff368ee4967731d144b6b8f336ed:thesalt' /path/to/your/dictionary.txt

# if it's salted sha-1(salt:hash):
hashcat -m 120 -a 0 -o cracked_hashes_out.txt 'thesalt:fc4a097c97dfff368ee4967731d144b6b8f336ed' /path/to/your/dictionary.txt

So that's the basic wordlist attack, but if you're lucky you might have a 20% success rate / recovery rate.  To increase the recovery rate, you need to extend your dictionary using different methods.
An easy way to do that is by utilizing rules.  Rules can do things like capitalize letters, substitute chars for "leet" speak, append / prepend chars, etc. One of the more comprehensive ones that ships with hashcat is the dive rule.

Code:

hashcat -m <hashtype> -a 0 -o cracked_hashes_out.txt -r /path/to/hashcat/rules/dive.rule 'fc4a097c97dfff368ee4967731d144b6b8f336ed' /path/to/your/dictionary.txt

If you want, you can also try a bruteforce attack, but it's really only useful for shorter passwords.  I normally limit mine to 7-8 chars.  Using the --increment switch will loop through the length so it will start with one character, then 2 chars, then 3, etc.

Code:

hashcat -m <hashtype> -a 3 -o cracked_hashes_out.txt 'fc4a097c97dfff368ee4967731d144b6b8f336ed' '?a?a?a?a?a?a?a?a' --increment

There are additional methods that will get you close to 90% recovery rates, but take more time and processing.  Honestly though, if you don't get it cracked using the above, for a novice I'd just submit it to one of the online services to be cracked and pay 5-10 bucks, or whatever the going rate is.

Good luck with everything.

[396]

Oh, and SHA-1 only consists of 0-9 + A-F.  Do some more research before claiming stupid shit.

fc4a097c97dfff368ee4967731d144b6b8f336ed

Your basic wordlist attack -  where it will iterate through every line in a dictionary file, calculate the hash and compare against your input. You can reference hashcat.net wiki or helpfile for substituting hash types (parameter m).  

Code:

# if it's plain sha-1:
hashcat -m 100 -a 0 -o cracked_hashes_out.txt 'fc4a097c97dfff368ee4967731d144b6b8f336ed' /path/to/your/dictionary.txt

# if it's salted sha-1(hash:salt):
hashcat -m 110 -a 0 -o cracked_hashes_out.txt 'fc4a097c97dfff368ee4967731d144b6b8f336ed:thesalt' /path/to/your/dictionary.txt

# if it's salted sha-1(salt:hash):
hashcat -m 120 -a 0 -o cracked_hashes_out.txt 'thesalt:fc4a097c97dfff368ee4967731d144b6b8f336ed' /path/to/your/dictionary.txt

So that's the basic wordlist attack, but if you're lucky you might have a 20% success rate / recovery rate.  To increase the recovery rate, you need to extend your dictionary using different methods.
An easy way to do that is by utilizing rules.  Rules can do things like capitalize letters, substitute chars for "leet" speak, append / prepend chars, etc. One of the more comprehensive ones that ships with hashcat is the dive rule.

Code:

hashcat -m <hashtype> -a 0 -o cracked_hashes_out.txt -r /path/to/hashcat/rules/dive.rule 'fc4a097c97dfff368ee4967731d144b6b8f336ed' /path/to/your/dictionary.txt

If you want, you can also try a bruteforce attack, but it's really only useful for shorter passwords.  I normally limit mine to 7-8 chars.  Using the --increment switch will loop through the length so it will start with one character, then 2 chars, then 3, etc.

Code:

hashcat -m <hashtype> -a 3 -o cracked_hashes_out.txt 'fc4a097c97dfff368ee4967731d144b6b8f336ed' '?a?a?a?a?a?a?a?a' --increment

There are additional methods that will get you close to 90% recovery rates, but take more time and processing.  Honestly though, if you don't get it cracked using the above, for a novice I'd just submit it to one of the online services to be cracked and pay 5-10 bucks, or whatever the going rate is.

Good luck with everything.

Now what if I were to do a full list of hashes (i got 963)

[1.555]

fc4a097c97dfff368ee4967731d144b6b8f336ed

Your basic wordlist attack -  where it will iterate through every line in a dictionary file, calculate the hash and compare against your input. You can reference hashcat.net wiki or helpfile for substituting hash types (parameter m).  

Code:

# if it's plain sha-1:
hashcat -m 100 -a 0 -o cracked_hashes_out.txt 'fc4a097c97dfff368ee4967731d144b6b8f336ed' /path/to/your/dictionary.txt

# if it's salted sha-1(hash:salt):
hashcat -m 110 -a 0 -o cracked_hashes_out.txt 'fc4a097c97dfff368ee4967731d144b6b8f336ed:thesalt' /path/to/your/dictionary.txt

# if it's salted sha-1(salt:hash):
hashcat -m 120 -a 0 -o cracked_hashes_out.txt 'thesalt:fc4a097c97dfff368ee4967731d144b6b8f336ed' /path/to/your/dictionary.txt

So that's the basic wordlist attack, but if you're lucky you might have a 20% success rate / recovery rate.  To increase the recovery rate, you need to extend your dictionary using different methods.
An easy way to do that is by utilizing rules.  Rules can do things like capitalize letters, substitute chars for "leet" speak, append / prepend chars, etc. One of the more comprehensive ones that ships with hashcat is the dive rule.

Code:

hashcat -m <hashtype> -a 0 -o cracked_hashes_out.txt -r /path/to/hashcat/rules/dive.rule 'fc4a097c97dfff368ee4967731d144b6b8f336ed' /path/to/your/dictionary.txt

If you want, you can also try a bruteforce attack, but it's really only useful for shorter passwords.  I normally limit mine to 7-8 chars.  Using the --increment switch will loop through the length so it will start with one character, then 2 chars, then 3, etc.

Code:

hashcat -m <hashtype> -a 3 -o cracked_hashes_out.txt 'fc4a097c97dfff368ee4967731d144b6b8f336ed' '?a?a?a?a?a?a?a?a' --increment

There are additional methods that will get you close to 90% recovery rates, but take more time and processing.  Honestly though, if you don't get it cracked using the above, for a novice I'd just submit it to one of the online services to be cracked and pay 5-10 bucks, or whatever the going rate is.

Good luck with everything.

Now what if I were to do a full list of hashes (i got 963)

just replace the 'fc4a097c97dfff368ee4967731d144b6b8f336ed' in the above with the path to a text file containing the hashes (or hash:salt / salt:hash).

[396]

Your basic wordlist attack -  where it will iterate through every line in a dictionary file, calculate the hash and compare against your input. You can reference hashcat.net wiki or helpfile for substituting hash types (parameter m).  

Code:

# if it's plain sha-1:
hashcat -m 100 -a 0 -o cracked_hashes_out.txt 'fc4a097c97dfff368ee4967731d144b6b8f336ed' /path/to/your/dictionary.txt

# if it's salted sha-1(hash:salt):
hashcat -m 110 -a 0 -o cracked_hashes_out.txt 'fc4a097c97dfff368ee4967731d144b6b8f336ed:thesalt' /path/to/your/dictionary.txt

# if it's salted sha-1(salt:hash):
hashcat -m 120 -a 0 -o cracked_hashes_out.txt 'thesalt:fc4a097c97dfff368ee4967731d144b6b8f336ed' /path/to/your/dictionary.txt

So that's the basic wordlist attack, but if you're lucky you might have a 20% success rate / recovery rate.  To increase the recovery rate, you need to extend your dictionary using different methods.
An easy way to do that is by utilizing rules.  Rules can do things like capitalize letters, substitute chars for "leet" speak, append / prepend chars, etc. One of the more comprehensive ones that ships with hashcat is the dive rule.

Code:

hashcat -m <hashtype> -a 0 -o cracked_hashes_out.txt -r /path/to/hashcat/rules/dive.rule 'fc4a097c97dfff368ee4967731d144b6b8f336ed' /path/to/your/dictionary.txt

If you want, you can also try a bruteforce attack, but it's really only useful for shorter passwords.  I normally limit mine to 7-8 chars.  Using the --increment switch will loop through the length so it will start with one character, then 2 chars, then 3, etc.

Code:

hashcat -m <hashtype> -a 3 -o cracked_hashes_out.txt 'fc4a097c97dfff368ee4967731d144b6b8f336ed' '?a?a?a?a?a?a?a?a' --increment

There are additional methods that will get you close to 90% recovery rates, but take more time and processing.  Honestly though, if you don't get it cracked using the above, for a novice I'd just submit it to one of the online services to be cracked and pay 5-10 bucks, or whatever the going rate is.

Good luck with everything.

Now what if I were to do a full list of hashes (i got 963)

just replace the 'fc4a097c97dfff368ee4967731d144b6b8f336ed' in the above with the path to a text file containing the hashes (or hash:salt / salt:hash).

Ok thanks