Hashcat

https://www.tunnelsup.com/hash-analyzer/
https://hashes.com/en/tools/hash_identifier
https://md5hashing.net/hash/md5/a18672860d0510e5ab6699730763b250
https://hashcat.net/wiki/doku.php?id=example_hashes
hashcat -m 3200 try /usr/share/wordlists/rockyou.txt

  • 3200 is bcrypt

  • 1000 is NTLM which is when you use hashdump in meterpreter (blue, metasploit)

  • 1400 sha256

  • 1700 is SHA2-512

  • 1800 is sha512crypt /etc/shadow

  • 7300 is IPMI hash (academy - footprinting IPMI)

  • 5600 NTLMv2 from responder (Just get the entire hash from the responder)

  • 22100 is bitlocker

hashcat -m 3200 try rockyou_4characters.txt

refer to the "4 characters rockyou.txt" to get the file txt

tryhackme - crack the hash

hashcat -a 3 -m 1800 forcat.txt ?l?l?d?l?l

https://hashcat.net/wiki/doku.php?id=mask_attack

tryhackme - bruteforce heroes 

hashcat --force password.list -r custom.rule --stdout | sort -u > mut_password.list

  • Custom rule is located at ~/academy-htb

PreviousJohnNextremote desktop

Last updated