Information

The following is a guest post by email. This is the third part in a series of articles on his view of hacking. If you are interested in writing for CyberCROW, click Here. Otherwise, Enjoy.

Saturday, April 9, 2011

How to crack Hash method using HackCat Tools

Posted by glewoCROW 12:14 PM, under ,,,,, | No comments

There are two important types of Hash Encryption Methods.  They are MD5(Message digest 5),SHA1(Secure Hash Algorithm).  Here i'll give you a tool which will use to crack both hash function algorithms.  we can do offline cracking hashes (it means we don`t need an Internet connection that uses the hash databases that have been cracked before).


Download Hashcat Tool from here:
   
http://www.ziddu.com/download/12742727/hashcat-gui-0.2.433.zip.html
Hashcat tool can crack:
* MD5
* Md5 ($ pass. $ Salt)
* Md5 ($ salt. $ Pass)
* Md5 (md5 ($ pass))
* Md5 (md5 (md5 ($ pass)))
* Md5 (md5 ($ pass). $ Salt)
* Md5 (md5 ($ salt). $ Pass)
* Md5 ($ salt.md5 ($ pass))
* Md5 ($ salt. $ Pass. $ Salt)
* Md5 (md5 ($ salt). Md5 ($ pass))
* Md5 (md5 ($ pass). Md5 ($ salt))
* Md5 ($ salt.md5 ($ salt. $ Pass))
* Md5 ($ salt.md5 ($ pass. $ Salt))
* Md5 ($ username.0. $ Pass)
* Md5 (strtoupper (md5 ($ pass)))
* SHA1
* Sha1 ($ pass. $ Salt)
* Sha1 ($ salt. $ Pass)
* Sha1 (sha1 ($ pass))
* Sha1 (sha1 (sha1 ($ pass)))
* Sha1 (strtolower ($ username). $ Pass)
* MySQL
* MySQL4.1/MySQL5
* MD5 (WordPress)
* MD5 (PHPbb3)
* MD5 (Unix)
* SHA-1 (Base64)
* SSHA-1 (Base64)
* SHA-1 (Django)
* MD4
* NTLM
* Domain Cached credentials
* MD5 (CHAP)
* MSSQL

Attack Mode supported in this tool:
* Straight *
* Combination *
* Toggle-Case *
* Brute-Force
* Permutation


What should we do?

First, create a file with notepad:
[1] C:\temp\hash.txt and
[2] C:\ temp\results.txt ago
open the C:\ temp\hash.txt and fill with Hash you want to crack. picture as below
 For C:\temp\results.txt , do nothing and let it blank because the cracked hashes will be saved in here.

Run Hashcrack. and follow the steps below:

In this tutorial, the author uses brute-force mode, cracking technique with a combination of characters. Notice the image below:

Hash cat step
[-] In Hashfile column, click the folder icon (browse for hashfile) and open the C: \ temp \ hash.txt that you have previously made.
[-] In Brute force column, select mode and select the type of hash (we are trying to crack MD5 here)
[-] In the Password length, insert 1-14 (u may put about 20 oto 30) the longer the password length, the longer the cracking process.
[-] In bruteforce charset settings, you can fill with the desired character. eg abcdefghijklmnopqrstuvwxy z1234567890 or abcdefghijklmnopqrstuvwxy z1234567890 !@#$%^&*()_+
[-] In OUTFILE column, put a tick and specify the path in C:\temp\results.txt that you have previously made.
[-] Checklist OUTFILE Monitor and click I want to catch a Hash ..

Wait for the process of cracking (this tool directly run a CLI mode)

CLI MODE


you will find the results of the hash that has been successful on crack.
Result of Hash crack


0 comments:

Post a Comment

Categories

Blog Archive