There are two important types of Hash Encryption Methods. They are MD5(Message digest 5),SHA1(Secure Hash Algorithm). Here i’ll give you a tool which will use to crack both hash function algorithms. we can do offline cracking hashes (it means we don`t need an Internet connection that uses the hash databases that have been cracked before).
Download Hashcat Tool from here:
http://www.ziddu.com/download/12742727/hashcat-gui-0.2.433.zip.html
Hashcat tool can crack:
* MD5
* Md5 ($ pass. $ Salt)
* Md5 ($ salt. $ Pass)
* Md5 (md5 ($ pass))
* Md5 (md5 (md5 ($ pass)))
* Md5 (md5 ($ pass). $ Salt)
* Md5 (md5 ($ salt). $ Pass)
* Md5 ($ salt.md5 ($ pass))
* Md5 ($ salt. $ Pass. $ Salt)
* Md5 (md5 ($ salt). Md5 ($ pass))
* Md5 (md5 ($ pass). Md5 ($ salt))
* Md5 ($ salt.md5 ($ salt. $ Pass))
* Md5 ($ salt.md5 ($ pass. $ Salt))
* Md5 ($ username.0. $ Pass)
* Md5 (strtoupper (md5 ($ pass)))
* SHA1
* Sha1 ($ pass. $ Salt)
* Sha1 ($ salt. $ Pass)
* Sha1 (sha1 ($ pass))
* Sha1 (sha1 (sha1 ($ pass)))
* Sha1 (strtolower ($ username). $ Pass)
* MySQL
* MySQL4.1/MySQL5
* MD5 (WordPress)
* MD5 (PHPbb3)
* MD5 (Unix)
* SHA-1 (Base64)
* SSHA-1 (Base64)
* SHA-1 (Django)
* MD4
* NTLM
* Domain Cached credentials
* MD5 (CHAP)
* MSSQL
Attack Mode supported in this tool:
* Straight *
* Combination *
* Toggle-Case *
* Brute-Force
* Permutation
What should we do?
First, create a file with notepad:
[1] C:temphash.txt and
[2] C: tempresults.txt ago
open the C: temphash.txt and fill with Hash you want to crack. picture as below
For C:tempresults.txt , do nothing and let it blank because the cracked hashes will be saved in here.
Run Hashcrack. and follow the steps below:
In this tutorial, the author uses brute-force mode, cracking technique with a combination of characters. Notice the image below:
[-] In Hashfile column, click the folder icon (browse for hashfile) and open the C: temp hash.txt that you have previously made.
[-] In Brute force column, select mode and select the type of hash (we are trying to crack MD5 here)
[-] In the Password length, insert 1-14 (u may put about 20 oto 30) the longer the password length, the longer the cracking process.
[-] In bruteforce charset settings, you can fill with the desired character. eg abcdefghijklmnopqrstuvwxy z1234567890 or abcdefghijklmnopqrstuvwxy z1234567890 !@#$%^&*()_+
[-] In OUTFILE column, put a tick and specify the path in C:tempresults.txt that you have previously made.
[-] Checklist OUTFILE Monitor and click I want to catch a Hash ..
Wait for the process of cracking (this tool directly run a CLI mode)
you will find the results of the hash that has been successful on crack.
Download Hashcat Tool from here:
http://www.ziddu.com/download/12742727/hashcat-gui-0.2.433.zip.html
Hashcat tool can crack:
* MD5
* Md5 ($ pass. $ Salt)
* Md5 ($ salt. $ Pass)
* Md5 (md5 ($ pass))
* Md5 (md5 (md5 ($ pass)))
* Md5 (md5 ($ pass). $ Salt)
* Md5 (md5 ($ salt). $ Pass)
* Md5 ($ salt.md5 ($ pass))
* Md5 ($ salt. $ Pass. $ Salt)
* Md5 (md5 ($ salt). Md5 ($ pass))
* Md5 (md5 ($ pass). Md5 ($ salt))
* Md5 ($ salt.md5 ($ salt. $ Pass))
* Md5 ($ salt.md5 ($ pass. $ Salt))
* Md5 ($ username.0. $ Pass)
* Md5 (strtoupper (md5 ($ pass)))
* SHA1
* Sha1 ($ pass. $ Salt)
* Sha1 ($ salt. $ Pass)
* Sha1 (sha1 ($ pass))
* Sha1 (sha1 (sha1 ($ pass)))
* Sha1 (strtolower ($ username). $ Pass)
* MySQL
* MySQL4.1/MySQL5
* MD5 (WordPress)
* MD5 (PHPbb3)
* MD5 (Unix)
* SHA-1 (Base64)
* SSHA-1 (Base64)
* SHA-1 (Django)
* MD4
* NTLM
* Domain Cached credentials
* MD5 (CHAP)
* MSSQL
Attack Mode supported in this tool:
* Straight *
* Combination *
* Toggle-Case *
* Brute-Force
* Permutation
What should we do?
First, create a file with notepad:
[1] C:temphash.txt and
[2] C: tempresults.txt ago
open the C: temphash.txt and fill with Hash you want to crack. picture as below
For C:tempresults.txt , do nothing and let it blank because the cracked hashes will be saved in here.
Run Hashcrack. and follow the steps below:
In this tutorial, the author uses brute-force mode, cracking technique with a combination of characters. Notice the image below:
|
| Hash cat step |
[-] In Brute force column, select mode and select the type of hash (we are trying to crack MD5 here)
[-] In the Password length, insert 1-14 (u may put about 20 oto 30) the longer the password length, the longer the cracking process.
[-] In bruteforce charset settings, you can fill with the desired character. eg abcdefghijklmnopqrstuvwxy z1234567890 or abcdefghijklmnopqrstuvwxy z1234567890 !@#$%^&*()_+
[-] In OUTFILE column, put a tick and specify the path in C:tempresults.txt that you have previously made.
[-] Checklist OUTFILE Monitor and click I want to catch a Hash ..
Wait for the process of cracking (this tool directly run a CLI mode)
|
| CLI MODE |
|
| Result of Hash crack |