Hashcat: Using and configuring it
🕒 Reading time: 3 min

Hashcat: Using and configuring it

Hashcat is a powerful password recovery tool that supports a wide range of hashing algorithms and uses brute-force and dictionary attacks. Thanks to its flexible options and the ability to scale to different systems, it has become the choice of many cybersecurity professionals. In this article, we will take a closer look at how to configure and use this program to recover passwords effectively.

What is Hashcat?

It is a free password recovery program that supports both central processing unit (CPU) and graphics processing unit (GPU). It is capable of performing a variety of attacks on hashed passwords using several strategies, such as brute-force attacks, dictionary attacks, combination attacks, and others.

Supported Hashing Algorithms

The program supports more than 300 hashing algorithms, including:

Installing Hashcat

To install Hashcat, you first need to download it from the official website or from the GitHub repository. The installation instructions may differ depending on your operating system.

For Linux, use the following commands:

sudo apt-get update
sudo apt-get install hashcat

For Windows, download the ZIP file from the official website, unzip it, and run the executable file.

Basic Hashcat commands

The program uses the command line to launch attacks. Below are the main parameters that you should know:

  • -a – type of attack. For example, -a 0 for a dictionary attack, -a 3 for a brute-force attack.
  • -m – type of hash. For example, -m 0 for MD5, -m 1000 for NTLM.
  • --username – used when hashes contain usernames.

An example command for a dictionary attack on an NTLM hash:

hashcat -m 1000 -a 0 hash.txt /usr/share/wordlists/rockyou.txt

An example of a brute-force attack for MD5:

hashcat -m 0 -a 3 hash.txt ?a?a?a?a?a?a

Explanation:

  • A is a mask that stands for any character. It includes letters (both uppercase and lowercase), numbers, and special characters.
  • The?a?a?a?a?a?a?a?a?a is a sequence of 6 such masks, which means that Hashcat will try to search through all possible combinations of 6 characters, including letters, numbers, and special characters.

Using the Program for WPA/WPA2

The program also supports password recovery for Wi-Fi networks encrypted with WPA/WPA2. To launch a WPA2-PSK attack, you first need to obtain the network’s handshake.

Example command for WPA2:

hashcat -m 2500 handshake.hccapx dictionary.txt

Optimizing Hashcat for Effective Work

To achieve maximum efficiency, the program allows you to use several important parameters:

  • --force – allows you to force the program to run even if your system does not support some features.
  • --status – displays the current status of the attack.
  • --restore – allows you to restore the attack after a system restart.

Recommendations for use

  1. Keep your dictionaries up to date: For dictionary attacks, always use updated dictionaries with the latest popular passwords.
  2. Optimize attacks: Don’t use the most sophisticated brute-force algorithms right away. Start with simpler methods, such as attacks using known passwords or dictionaries.
  3. Use powerful hardware: GPU attacks are much faster than CPU attacks, so it is recommended to use GPUs for complex hashes.

Conclusion

Hashcat is a versatile password recovery tool that can be used to attack a variety of hash algorithms. Knowing the basic commands and properly configuring the parameters will help you effectively use this tool to test the security of your systems or to investigate cybersecurity.