2

I've been given a homework task to crack a particularly difficult password on a Unix system.

I have found users and hashes in the etc/shadow file and cracked all but this one:

$1$TyPfW4pp$Mp7O4bzX8bmWsGGV8ZrVY0

I've been told that this should be able to be cracked using Hashcat, and I should only need to use the rockyou wordlist.

I have tried the rockyou wordlist (which worked for the other hashes), other dictionaries, masks adding various characters and numbers either side and toggle attacks.

I've been advised that I shouldn't need to brute force this password.

Does anyone have any advice on what may help to crack this? I'm new to using Hashcat and cracking in general, so any advice will be welcomed and probably educational for me.

schroeder
  • 123,438
  • 55
  • 284
  • 319
Ali97
  • 31
  • 1
  • 2
  • @schroeder This is an educational task and this one password was supposed to be harder to crack than the others. Presuming that, the method that works for the others isn't supposed to work for this one. Another hash was $1$D06DmZeK$cTG0isRNogwyCeQwCZJXF. – Ali97 Mar 26 '19 at 10:18
  • 1
    That's a relevant detail. – schroeder Mar 26 '19 at 10:20
  • Clue : the $ character looks like a separator. – Overmind Mar 26 '19 at 11:06
  • 1
    @Overmind he was able to crack the other hashes. I think he knows the hash format. – schroeder Mar 26 '19 at 15:18

1 Answers1

2

It sounds like you might need to tap one of the other major feature sets of hashcat: rules. Rules are ways to express common transformations that people make against base words to "complexify" them (changing case, reversing them, leet-ifying them, etc.).

To try a rules-based attack, see the ./rules/ subdirectory, and apply one or more rulesets using attack mode 0 (-a 0) and the -r flag.

The hashcat wiki also has a primer on rule-based attacks.

Royce Williams
  • 9,128
  • 1
  • 31
  • 55