hashcat
- crack hashes
cracking examples
| type | example |
|---|---|
| responder hashes | hashcat -m 5600 hashes.txt rockyou.txt |
| NTLM hashes | hashcat -a 0 -m 1000 ntlm.txt rockyou.txt |
| kerberoasting ticket | hashcat -m 13100 tgs.txt rockyou.txt |
using rules and masks
- just use OneRuleToRuleThemAll
- or OneRuleToRuleThemStill
rule to add years
hashcat.exe -a 0 -m 1000 ntlm.txt rockyou.txt -r rules\add-year.rulePS C:\> cat hashcat\rules\add-year.rule
$2$0$2$0masks/charsets
upper-case followed by a couple of lowercase chars and a decimal
hashcat -a 3 -m 1000 C:\Temp\ntlm.txt ?u?l?l?l?l?l?l?l?dYou can combine charsets with masks: -1 defines a custom charset → digit oder special
hashcat -a 3 -m 1000 ntlm.txt -1 ?d?s ?u?l?l?l?l?l?l?l?1Define a static template:
PS C:\> cat example.hcmask
?d?s,?u?l?l?l?l?1
?d?s,?u?l?l?l?l?l?1
?d?s,?u?l?l?l?l?l?l?1
?d?s,?u?l?l?l?l?l?l?l?1
?d?s,?u?l?l?l?l?l?l?l?l?1$ hashcat -a 3 -m 1000 ntlm.txt example.hcmaskList combinator
combines the entries from two dictionaries, -j allows to apply rulres to left- and -k to right-hand side
hashcat.exe -a 1 -m 1000 ntlm.txt list1.txt list2.txt -j $- -k $!
would yield left-right!
hybrid mode
Combines a wordlist and a combinator. mode 6 usess the combinator as a suffix, mode 7 as a prefix
> hashcat.exe -a 6 -m 1000 ntlm.txt list.txt ?d?d?d?d
> hashcat.exe -a 7 -m 1000 ntlm.txt ?d?d?d?d list.txt
kwprocessor
to create keyboard walks
> kwp64.exe basechars\\custom.base keymaps\\uk.keymap routes\\2-to-10-max-3-direction-changes.route -o keywalk.txt
research
- notsosecure oneruletorulethemalltodo