Cracking Hashes
Cracking a hash is a brute-force method: we take a list of known passwords, compute the hash of each one and compare it with the hash to be cracked. This is a trial-and-error method, so it can take many iterations before the password is found. The more powerful the system, the faster the tool can compute hashes, and these tools depend predominantly on the GPU and RAM of the system.
John the Ripper
This tool uses the rules that are defined in the configuration file and the parameters passed to the tool to crack the hash.
The following command can be used to crack a hash from an NT system,
Linux
There is an extra step when cracking a hash from a Linux system, as the password hash has to be unshadowed (merged from /etc/shadow back into the /etc/passwd entries) before it can be cracked. The following command will unshadow the hash,
Hashcat
Hashcat is one of the fastest tools for cracking hashes and supports a wide variety of hash types.
-m - indicates the hash type (mode); in this case 0 is for MD5
-a - indicates the attack mode; 0 is a dictionary (wordlist) attack
-o - writes the cracked hashes to an output file
Some common hash modes:
0500 - Cracking password contained in the passwd file of Linux, MD5(Unix), MD5crypt
5600 - NetNTLM hash of Windows
1000 - NTLM hash of Windows
13100 - Kerberos service ticket (SPN) hashes, as extracted with Mimikatz
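To make the trial-and-error loop from the introduction concrete, here is an added Python example (not part of the original notes and not code from John or Hashcat) that runs a wordlist against unsalted MD5 targets (Hashcat mode 0) and against a constructed salted scheme, counting hash computations to show why a per-user salt multiplies the cracker's work. The wordlist, target hashes and salt values are constructed sample data.

```python
import hashlib

# Constructed sample wordlist for the demo (not a real leak).
WORDLIST = ["123456", "password", "letmein", "qwerty", "Summer2023", "hunter2"]


def md5_hex(text: str) -> str:
    """Raw, unsalted MD5 of a candidate, as hashcat -m 0 would compute it."""
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def crack_unsalted(targets, wordlist):
    """Trial-and-error check of a wordlist against unsalted hashes.

    Because there is no salt, one hash per candidate can be compared against
    every target at once. Returns ({hash: password}, number_of_hash_computations).
    """
    wanted = set(targets)
    recovered = {}
    computations = 0
    for candidate in wordlist:
        computations += 1
        digest = md5_hex(candidate)
        if digest in wanted:
            recovered[digest] = candidate
            if len(recovered) == len(wanted):
                break  # nothing left to look for
    return recovered, computations


def crack_salted(targets, wordlist):
    """Same check for salted hashes given as {hash: salt}; constructed scheme: md5(salt + password).

    The salt forces a fresh computation for every (target, candidate) pair, so the
    work grows with the number of users instead of being shared across them.
    """
    recovered = {}
    computations = 0
    for digest, salt in targets.items():
        for candidate in wordlist:
            computations += 1
            if md5_hex(salt + candidate) == digest:
                recovered[digest] = candidate
                break  # move on to the next user
    return recovered, computations
```

With two unsalted targets the loop stops after 4 computations, while the same two passwords behind per-user salts cost 6, and the gap widens with every extra user and every extra wordlist entry.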
Wordpress Hashes
The hashes generated by WordPress (Portable PHP Password Hashes) for safeguarding its users' passwords can be cracked using the following online password cracker,
Encrypted ZIP Files
Encrypted zip files can be cracked using John by first extracting the hash of the files and then running John with a wordlist on the hash.
The hash can be extracted with John using the following command,
Then John along with the wordlist can be run to crack the password using the following command,
The encrypted files can be opened using 7z with the following command,