Highest Voted 'hashcat' Questions - IT Security Stack Exchange

4

votes

1 answer

Using hashcat in order to crack the JWT signature in WebGoat

I've recently started to practice my penetration testing skills and I got started with WebGoat. I got to the "Authentication Bypass" chapter, to the JWT Token cracking. WebGoat presents this JWT…

asked Jan 06 '19 at 20:58

Maxim Shloz

43
1
1
5

4

votes

3 answers

Hashcat doesn’t write to output file

I am using hashcat to crack a list of md5 hashes and have used the following command hashcat -m 0 -a 0 -o out.txt --force hashdump.txt ../rockyou.txt which gives the output Session..........: hashcat Status...........: Exhausted Hash.Type........:…

linux password-cracking hashcat

asked Sep 13 '18 at 07:24

Samuel Barkes

41
1
1
2

4

votes

1 answer

Hash list for practicing password cracking

I am looking for resources like a hash cracking competition, but offline. More like a practice list of specifically crafted "passwords" hashed for the purpose of testing various cracking techniques. Currently I am ranking the runtime and…

password-cracking hashcat

asked Sep 14 '17 at 18:32

virullius

143
1
1
6

4

votes

1 answer

LM (Lan Manager) Hash - Brute Force Failing

I have a number of LM hashes that I have been attempting to crack with hashcat. My understanding was that LM splits passwords into two separate 7 character strings before they are hashed. I also believe that they only use uppercase letters, as well…

hash hashcat

asked Mar 02 '17 at 11:37

Chris

41
1
2

4

votes

1 answer

Hashcat solving truncated hashes

In hashcat, how does one specify that the given hashes have been reduced to a specific length? I.e. the stored hashes that are to be solved are truncated versions of what the hash function provides?

password-cracking hashcat

asked Oct 03 '15 at 11:14

anonymousstackuser

143
6

3

votes

1 answer

How to use multiple charsets in hashcat

I wanted to use a brute force attack on hashcat but WPA/WPA2 networks are 8-64 characters long and they have multiple possibilities of a password. I was wondering if there was a way to use multiple charsets would it be like: ?l?d?a?u or ?d?d?d?d?d…

passwords brute-force wpa2 wpa2-psk hashcat

asked Jan 11 '15 at 21:54

kprovost7314

111
1
2
8

3

votes

1 answer

Cracking Mysql 5 Hash using Hashcat

I am practicing cracking MYSQL5 hash using hash cat, however, for a reason or another, it finishes the cracking process too fast -within 30 seconds- without giving any results/errors back. I doubted that I am using an incorrect hash type, however, I…

hash password-cracking hashcat

asked May 05 '14 at 01:48

Ahmed Taher

701
6
13
23

3

votes

1 answer

How do I convert from this weird John/Asleap format to lc (for HashCat)?

I'm trying to setup a system for pen-testing. I'm using the FreeRadius-WPE patch to collect Challenges/Requests from people who connect to my spoofed AP instead of the actual network. Here is the format that FreeRadius-WPE is returning me the…

hash penetration-test password-cracking hashcat

asked Nov 21 '13 at 18:00

Freesnöw

256
1
11

3

votes

1 answer

hashcat skipping gpu even if it's recognizing the device and the driver is installed

I'm trying to run hashcat on a MacBook Pro. Running hashcat -I to check the devices' informations yields: hashcat (v6.2.5-38-g8b61f60e8) starting in backend information mode OpenCL Info: ============ OpenCL Platform ID #1 Vendor..: Apple …

macos hashcat macbookpro amd

asked Dec 16 '21 at 08:48

Francesco Ghizzo

31
1
2

3

votes

2 answers

hashcat: No hashes loaded

I've been trying Kioptrix: Level 1.1 (#2) and managed to get root access. https://www.vulnhub.com/entry/kioptrix-level-11-2,23/ wolf@linux:~$ nc -vklp 8080 listening on [any] 8080 ... 10.10.10.10: inverse host lookup failed: Unknown host connect to…

hashcat

asked May 24 '20 at 17:36

Wolf

347
2
3
15

3

votes

1 answer

Combined-Dictionary attack with hashcat, for 4 words passphrases?

Reading the new advice on password which seems to spead easily (at least in my workplace), I was wondering how to use hashcat for cracking four-word password hashes? Say I have this hash…

password-cracking hashcat dictionary

asked Jul 24 '19 at 08:19

Xenos

1,331
8
16

3

votes

1 answer

hashcat specify number of characters

I am trying to figure out a macOS hash 10.8+ and I happen to know that it uses A-Z, a-z, 0-9, is 6-8 characters, and almost certainly random. Currently, it spits out an error regarding hash length being too long, and I do not have any idea how to…

passwords hash password-cracking macos hashcat

asked Jan 22 '19 at 02:21

DangerDC

33
1
1
3

3

votes

1 answer

Hashcat: How to discard words of length less than N after rules have been applied?

Hashcat: How to discard words of length less than N after rules have been applied? I know of the rules N that discards the word if its length is less than and greater than N, respectively. The problem is that these rules can only be…

password-cracking hashcat

asked Oct 14 '18 at 09:13

Shuzheng

1,097
4
22
37

3

votes

1 answer

hashcat - is there a way to set minimum password length?

Let's say I have a couple of hashes that I need to bruteforce as dictionary attack didn't work. Is there a way I can tell hashcat to start from a specific password length so it won't waste resources on looking for results that won't work?

hashcat

asked Jun 11 '18 at 20:27

Dariusz G. Jagielski

147
1
1
3

3

votes

1 answer

How is it that tools like Hashcat, JTR able to bruteforce an NTLMv2 hashes?

With regards to the following question about the feasibility of (brute|dictionary|rainbowtable)-forcing an NTLMv2 hash: How feasible is it for an attacker to brute-force an NTLMv2 response captured off the network? ..I'm trying to understand how is…

brute-force password-cracking hashcat ntlm john-the-ripper

asked May 01 '18 at 10:15

Vicer

113
8

Questions tagged [hashcat]