Hash cracking

To crack and detect a hash using John the Ripper, follow these steps:

Prepare Your Hash File: Ensure your hashes are stored in a text file (e.g., hash.txt).
Run John the Ripper: Open a terminal and execute the following command:
```
john hash.txt
```
View Cracked Hashes: After John has finished, you can view the cracked hashes using:
```
john --show hash.txt
```
Extracting Password Hashes from a Zip File:
- Use zip2john to extract password hashes from a zip file:
  zip2john backup.zip > hackedzip.txt john hackedzip.txt john --show ziphacked.txt
Cracking Passwords Using sqlmap:
- Use sqlmap with a wordlist to crack passwords:
  sqlmap --worldlists=/usr/share/wordlist/rockyou.txt hash.txt

# Detect the hash format of the given file 'hashes.txt'
hashid -m hashes.txt

# Crack NTLM hashes (mode 13100) using the specified hash list and password list, applying a rule set
./hashcat.exe -a 0 -m 13100 hashes.txt passwords.txt -r 1_rules_full.rule -w 3

# Automatically detect hash format and crack using the specified password list and rule set
./hashcat.exe -a 0 hashes.txt passwords.txt -r 1_rules_full.rule

# Crack Linux hashes using a predefined mode for NTLM hashes (1000)
hashcat -m 1000 -a 3 hash.txt

# Crack NTLM hashes using the 'hashdumpad' method and output to a specified password file
hashcat -m 1000 hashdumpad /home/kali/Downloads/Passwords.txt

# Crack Kerberos hashes and save the results to 'results.txt', using a specific wordlist
hashcat -m 13100 kerberoshash -a 0 -o results.txt /usr/share/wordlists/Active-Directory-Wordlists/Pass.txt

# Crack account hashes for ASP REP Roasting, ensuring to add "23$" after the relevant hash format
hashcat -m 18200 hash.txt Pass.txt 

# Change directory to the local Hashcat folder
cd ~/.hashcat 

# Change directory to Hashcat's local share folder
cd ~/.local/share/hashcat 

# View the cracked passwords alongside the original hashes using the Hashcat potfile
hashcat -m 13100 --force -a 0 hash.txt wordlist.txt --show 

# Crack NTLM hashes using John the Ripper with the specified format
john --format=nt hash.txt

Hash capturing

Capturing and Cracking Hashes Using Responder:

Deploy Responder to capture and crack hashes:
```
Responder -I <interface> -wd
```

PreviousAAD NextWordlist

Last updated 5 months ago

Hash cracking

To crack and detect a hash using John the Ripper, follow these steps:

Prepare Your Hash File: Ensure your hashes are stored in a text file (e.g., hash.txt).

Run John the Ripper: Open a terminal and execute the following command:

john hash.txt

View Cracked Hashes: After John has finished, you can view the cracked hashes using:

john --show hash.txt

Extracting Password Hashes from a Zip File:

Use zip2john to extract password hashes from a zip file:

zip2john backup.zip > hackedzip.txt
john hackedzip.txt
john --show ziphacked.txt

Cracking Passwords Using sqlmap:

Use sqlmap with a wordlist to crack passwords:

sqlmap --worldlists=/usr/share/wordlist/rockyou.txt hash.txt

# Detect the hash format of the given file 'hashes.txt'
hashid -m hashes.txt

# Crack NTLM hashes (mode 13100) using the specified hash list and password list, applying a rule set
./hashcat.exe -a 0 -m 13100 hashes.txt passwords.txt -r 1_rules_full.rule -w 3

# Automatically detect hash format and crack using the specified password list and rule set
./hashcat.exe -a 0 hashes.txt passwords.txt -r 1_rules_full.rule

# Crack Linux hashes using a predefined mode for NTLM hashes (1000)
hashcat -m 1000 -a 3 hash.txt

# Crack NTLM hashes using the 'hashdumpad' method and output to a specified password file
hashcat -m 1000 hashdumpad /home/kali/Downloads/Passwords.txt

# Crack Kerberos hashes and save the results to 'results.txt', using a specific wordlist
hashcat -m 13100 kerberoshash -a 0 -o results.txt /usr/share/wordlists/Active-Directory-Wordlists/Pass.txt

# Crack account hashes for ASP REP Roasting, ensuring to add "23$" after the relevant hash format
hashcat -m 18200 hash.txt Pass.txt 

# Change directory to the local Hashcat folder
cd ~/.hashcat 

# Change directory to Hashcat's local share folder
cd ~/.local/share/hashcat 

# View the cracked passwords alongside the original hashes using the Hashcat potfile
hashcat -m 13100 --force -a 0 hash.txt wordlist.txt --show 

# Crack NTLM hashes using John the Ripper with the specified format
john --format=nt hash.txt