Pranaam to all bhai ji _/\_
Today we will learn how to use 'hashcat' on linux system if you dont have it on your system by default or it is outdated :)
here is the manual process to make it work on your system ;)
lets start
first of all we need latest copy of hashcat from its website
website link is http://hashcat.net/ and here is the hashcat download page
http://hashcat.net/hashcat/
ok , wget it on your system
i am downloading it to /icalab directory , on download completion you will get a .7z file for hashcat code
to extract this archive , system should have 7zip utility installed , if you dont have it on your system
install it by running command
yum install p7zip (for fedora,redhat and centos)
apt-get install p7zip-full (for ubuntu based systems , this is the package which provides the 7za command)
i am using centos , so i have installed 7zip using yum
now extract hashcat.7z file
command is
7za x file.7z
here file.7z is the 7z compressed file of hashcat code and its name is hashcat-0.47.7z
so command will be
7za x hashcat-0.47.7z
you will get a directory with same name as your .7z file (my compressed archive name is hashcat-0.47.7z so directory will be created with name hashcat-0.47)
enter in that directory and have a look at its content
you will find hashcat binaries for different platforms .
i am using linux and my hardware supports 32 bit binary , so i will use hashcat-cli32.bin for running hashcat :)
if you are using linux OS having hardware for 64 bit support, then you will have to use hashcat-cli64.bin file .
if you are on windows OS , select binary hashcat-cli32.exe or hashcat-cli64.exe (according to your machine hardware support).
as i executed ./hashcat-cli32.bin file , it showed , how i need to pass option and arguments to run hashcat
this is our main file .
ok :)
now i am renaming hashcat code directory from hashcat-0.47 to hashcat (no reason for it but it annoys me :P )
ok , now main step comes :)
we will create a command for hashcat , means when we type hashcat in shell terminal, shell will understand it and will execute our hashcat binary file
how???????? lets start :)
for detail , read this article http://www.mannulinux.org/2013/07/linux-shell-terminal.html
as we know, whenever we type a command in shell and try to execute it, linux shell searches for that command in some specific directories (read above article for deep detail).
/bin , /usr/bin are such directories which contain command binaries
the full list of directories where shell searches for a command is stored in PATH variable
type command echo $PATH and shell will print the directories where it searches for commands
ok
i am using /bin directory , where i will put
code for hashcat command is
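#!/bin/bash
# wrapper script : prints a banner and runs the hashcat binary with the given arguments
echo -e " //////////////////////////////////////////"
echo -e " # Hashcat binary executing script #"
echo -e " # -=[ with Love from Team IndiShell ]=- #"
echo -e " //////////////////////////////////////////"
# directory which contains hashcat code
DIR='/icalab/hashcat'
# binary to run (32 bit linux build)
CMD='./hashcat-cli32.bin'
# Execute commands
# after cd , relative file names passed as arguments are looked up inside $DIR
cd "$DIR" || exit 1
exec "$CMD" "$@"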
Note :- please have a look on this line of code
DIR='/icalab/hashcat'
this is an important line because it tells that our hashcat code is in directory /icalab/hashcat and binary that has to use is hashcat-cli32.bin (in line CMD='./hashcat-cli32.bin')
if you have your hashcat code in directory having name /lab/hashcat and your system hardware supports 64 bit binary , in that case you will have to change following 2 lines to make hashcat work on your system
change line
DIR='/icalab/hashcat'
to
DIR='/lab/hashcat'
and line
CMD='./hashcat-cli32.bin'
to
CMD='./hashcat-cli64.bin'
rest of the code will remain same.
copy this code and save in a file having name hashcat
copy file hashcat to directory /bin
run command which hashcat and make sure, shell is recognizing it
ok , shell is recognizing hashcat command ^_^
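A stricter version of the wrapper described above, as an added example (not the original author's script): it picks the 32 or 64 bit binary from `uname -m` and refuses to run a binary that other users could have replaced, which matters because a command in /bin is often run as root. The function names and the HASHCAT_DIR variable are hypothetical, and it assumes the binary can run from any working directory.

```shell
#!/bin/sh
# Added example, not the tutorial author's script. Function names are hypothetical.
# HASHCAT_DIR defaults to the tutorial's /icalab/hashcat and can be overridden.
HASHCAT_DIR="${HASHCAT_DIR:-/icalab/hashcat}"

# Map a machine name, as printed by `uname -m`, to the hashcat 0.47 binary.
pick_binary() {
    case "$1" in
        x86_64|amd64)        echo "hashcat-cli64.bin" ;;
        i386|i486|i586|i686) echo "hashcat-cli32.bin" ;;
        *)                   return 1 ;;
    esac
}

# A wrapper in /bin is often run as root, so refuse a target that other
# users could have replaced: the binary must exist and be executable, and
# neither it nor its directory may be group- or world-writable.
is_safe_target() {
    [ -f "$1" ] && [ -x "$1" ] || return 1
    for p in "$1" "$(dirname "$1")"; do
        # ls -ld mode string: character 6 is group write, character 9 is other write
        case "$(ls -ld "$p" | cut -c1-10)" in
            ?????w*|????????w*) return 1 ;;
        esac
    done
    return 0
}

run_hashcat() {
    name=$(pick_binary "$(uname -m)") || { echo "unsupported architecture" >&2; return 2; }
    bin="$HASHCAT_DIR/$name"
    is_safe_target "$bin" || { echo "refusing to run $bin" >&2; return 3; }
    # Assumption: the binary works from any working directory. Calling it by
    # absolute path (no cd) keeps relative hash file and wordlist paths
    # pointing at the directory the user is in.
    exec "$bin" "$@"
}

# Start only when this file is installed under the name "hashcat".
case "$0" in
    hashcat|*/hashcat) run_hashcat "$@" ;;
esac
```

Save it as hashcat in a PATH directory with mode 755, owned by root, so that only root can change the wrapper itself.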
lets start how to use it :)
hashcat needs 2 parameters
hashcat [options] hashfile
or
hashcat [options] hashfile password list
here
hashcat is the hashcat command
options are the options which you need to specify to operate hashcat and tell it to what actually hashcat has to do
like , what kind of attack we will use, what type of hashes we want to crack and many more
you can get full list of options for hashcat on this page
http://hashcat.net/wiki/doku.php?id=hashcat
or run command
hashcat --help
ok i am going to show you how to use hashcat and crack a hash , i have an md5 hash in a file md5hash.txt whose plain text is admin
i have a dictionary with name passwords.txt
so lets start with hash cracking using dictionary
hash is simple md5 , attack mode is simple dictionary attack , hash file name is md5hash.txt and dictionary name is passwords.txt
so command will be
hashcat -a 0 -m 0 md5hash.txt passwords.txt
here
-a 0 stands for attack mode (-a) is simple (0)
-m 0 stands for hash type (-m) is md5 (0)
ok lets start XD
if your dictionary has plain password for the hash, you will get success message like this
ok lets start with brute forcing mode ;)
for brute forcing mode we will need to supply hash cracking method, hash type, password minimum length, password maximum length, hash file , character set and show option
hash cracking mode for brute force is -a 3
hash type is md5 , so -m 0
character set , which tells what type of character we want to include in brute forcing
Built-in charsets:
?l = abcdefghijklmnopqrstuvwxyz
?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ
?d = 0123456789
?s = !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
?a = ?l?u?d?s
like i want to use only lower case alphabets
for that i need to add ?l in options
i am setting password minimum length to 4 and maximum length to 7
--pw-min=NUM Password-length minimum
--pw-max=NUM Password-length maximum
--pw-min=4
--pw-max=7
--show is for showing cracked hashes only
if hash got cracked , --show will print that hash with its plain password
final command will be like this
hashcat -a 3 -m 0 --pw-min=4 --pw-max=7 md5hash.txt '?l' --show
note:- ?l option should be used after hash file name else it will throw an error :P
ok hashcat is ready, press enter and wait :) , if hash is weak, you will get success result soon :)
like this
this is how you can use hashcat for cracking hashes
lets have an example with joomla hash too :)
if you are using dictionary for cracking hash , hash cracking mode will be -a 0
hash type will be -m 11
for more info , see "Specific hash types and * Hash types" section on page http://hashcat.net/wiki/doku.php?id=hashcat
command will be
hashcat -a 0 -m 11 hashfile.txt dictionary.txt
here
-a 0 shows that hash cracking mode is simple
-m 11 represent hash type is joomla
hashfile.txt is the file which contain joomla hash
dictionary.txt is the password dictionary
lets go ;)
and start XD
lets crack joomla hash with brute forcing
this is how we use hashcat :)
This tutorial was about setting up hashcat on linux OS and i gave a short usage intro about it :)
Thank you
Greetz to :- Guru ji Zero , code breaker ica, Aasim shaikh,Reborn, Raman kumar rana,INX_r0ot,Darkwolf indishell, Chinmay Pandya,L0rd Crus4d3r,Hackuin ,Silent poison India,Magnum sniper,Atul Dwivedi,ethicalnoob Indishell,Local root indishell,Irfninja indishell Hardeep bhai,Mannu,Viki and AR AR bhai ji <3
cool..!!!
I have one question please, what is command to use passwords.txt on .cap file but only words with length is longer than 8 and smaller than 10 ? Thank you.