Cracking and Recovering Passwords via the Hashcat Tool

Password cracking tools are useful for an assortment of different things. Normally, a person’s first thought when hearing “password cracking tool” is malicious intent.

What they don’t know is that password cracking tools are also used for recovering passwords, reviewing password security, benchmarking, and/or identifying data in a hash.

Dozens of effective password cracking tools exist, but one of the more popular choices is Hashcat. With an effective and powerful execution, Hashcat definitely earns the title of “better choice”. Linux Config describes Hashcat even further,

“Hashcat makes use of GPUs to accelerate hash cracking. GPUs are much better at handling cryptographic work than CPUs are, and they can be utilized in much greater numbers than CPUs. Hashcat also supports a very wide range of popular hashes, to ensure that it can handle deciphering nearly any password.”

Hashcat installation for Linux users:
  • (sudo) apt-get install p7zip
  • (sudo) -sH
  • cd /opt
  • wget http://hashcat.net/files/oclHashcat-plus-0.14.7z
  • p7zip -d oclHashcat-plus-0.14.7z
  • mv /opt/oclHashcat-plus-0.14 /opt/oclHashcat-plus
  • cd /opt/oclHashcat-plus

The actual execution of Hashcat is easy to understand after the necessary research. There are also detailed guides available online to help you achieve your maximum Hashcat potential.

Example Hashcat commands include:
  • –status – “Enable automatic update of the status screen”
  • –keep-guessing – “Keep guessing the hash after it has been cracked”
  • –runtime – “Abort session after X seconds of runtime”
  • –benchmark – “Run benchmark”
  • –keyspace – “Show keyspace base: mod values and quit”
  • –generate-rules – “Generate X random rules”
  • –increment – “Enable mask increment mode”
  • –hccapx-message-pair – “Load only message pairs from hccapx matching X”
  • –remove – “Enable removal of hashes once they are cracked”

These commands are only nine of dozens and dozens. There are so many things to research when learning about Hashcat, and you need to take it slow. Allow yourself time to explore and get familiar. If you take it in a gentle stride, you will be a pro before you know it.

Related posts

The Future of Mobile Security: Emerging Threats and Countermeasures

From Concept to Launch: Ensuring Cybersecurity in Product Development

What Exactly is Telematics? The Technology That’s Changing How We Drive