{"id":25505,"date":"2020-02-18T16:57:30","date_gmt":"2020-02-18T11:27:30","guid":{"rendered":"https:\/\/www.armourinfosec.com\/?p=25505"},"modified":"2020-03-30T13:37:58","modified_gmt":"2020-03-30T08:07:58","slug":"password-cracking-with-hashcat","status":"publish","type":"post","link":"https:\/\/www.armourinfosec.com\/password-cracking-with-hashcat\/","title":{"rendered":"Password Cracking with Hashcat"},"content":{"rendered":"

Password Cracking with Hashcat<\/strong><\/h2>\n

Hello Friends, Today I’m going to explain the Hashcat password Cracking Tool, As I learn from my cybersecurity classes and reading some blogs doing practices and the help of infosec boy’s able to explain it, so obviously the credits goes to Armour Infosec<\/a><\/strong>. Password cracking and user account exploitation is one of the most issues in cybersecurity field. Password Cracking tools, like Hashcat and John the Ripper, Provide the potential attackers to check billions of passwords per second against Victim’s password hashes. these tools have proved to be effective in cracking passwords, recent research shows that combining deep learning techniques with these tools can produce significantly better results. Specifically, using Generative Adversarial Networks (GANs), which comprises of two neural networks, to generate high-quality password guesses can improve the existing tools to match 51%-73% more passwords than just the tools alone. This significant improvement demonstrates that this new approach using deep learning can generate numerous new pass-words that were once beyond the reach of other tools.On one hand, this is an impressive result driven by researchers of deep learning and cybersecurity, and on the other, a strong warning to the community of the increasing dangers of weak password authentication.<\/p>\n

This blog is a reference guide for cracking, tool usage and supportive.tools that assist pentesters in password recovery (cracking). this will not be covering the installation of these tools but will include references to their proper installation, and if all else fails, Google. Updates and additions to this blog are planned yearly as advancements in cracking evolve.<\/p>\n

\u201cPassword recovery is a battle against math, time, cost, and human behavior, and much like any battle, the tactics are constantly\u00a0 evolving.\u201d<\/p>\n

Table of content<\/strong><\/h4>\n
    \n
  1. Required Software<\/li>\n
  2. Core Hash Cracking Knowledge<\/li>\n
  3. Cracking Methodology<\/li>\n
  4. Basic Cracking<\/li>\n
  5. Dictionary \/ Wordlist<\/li>\n
  6. Rules & Masks<\/li>\n
  7. Common Hash Examples<\/li>\n
  8. Appendix\n
      \n
    1. Online Resources<\/li>\n
    2. Hashcat Menu<\/li>\n
    3. Hash Cracking Benchmarks<\/li>\n
    4. Hash Cracking Speed<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n

      REQUIRED SOFTWARE<\/h3>\n

      In order to follow many of the techniques in this manual, you will need to install the following software on your UNIX host. This book does not cover how to install said software and assumes you were able to follow the included links and extensive support websites.<\/span><\/p>\n

      HASHCAT v5.1.0 (or newer)<\/strong>
      \n      https:\/\/hashcat.net\/hashcat\/<\/a><\/p>\n

      JOHN THE RIPPER 1.9.0-jumbo-1 (or newer)<\/strong>
      \n      https:\/\/www.openwall.com\/john\/<\/a><\/p>\n

      Hashcat-utils v1.9 (or newer)<\/strong>
      \n      https:\/\/hashcat.net\/wiki\/doku.php?id=hashcat_utils<\/a><\/p>\n

      Additionally you will need dictionaries\/wordlists and highly recommend the below sources:<\/span><\/h5>\n

      WEAKPASS DICTIONARY<\/strong>
      \n      https:\/\/weakpass.com\/wordlist<\/a><\/p>\n

      CRACKSTATION DICTIONARY<\/strong>
      \n      https:\/\/crackstation.net\/buy-crackstation-wordlist-password-cracking-dictionary.htm<\/a><\/p>\n

      SKULL SECURITY WORDLISTS<\/strong>
      \n      https:\/\/wiki.skullsecurity.org\/index.php?title=Passwords<\/a><\/p>\n

      Throughout the manual, generic names have been given to the various inputs required in a cracking<\/strong>
      \ncommands structure. Legend description is below:<\/strong><\/p>\n

      COMMAND STRUCTURE LEGEND<\/strong>
      \nhashcat<\/strong> = Generic representation of the various Hashcat binary names (hashcat tool)<\/span>
      \njohn<\/strong> = Generic representation of the John the Ripper binary names (John tool)<\/span>
      \n#type<\/strong> = Hash type; which is an abbreviation in John or a number in Hashcat (hash MD5,MD4..)<\/span>
      \nhash.txt<\/strong> = File containing target hashes to be cracked (Raw hash list )<\/span>
      \ndict.txt<\/strong> = File containing dictionary\/wordlist (password list)<\/span>
      \nrule.txt<\/strong> = File containing permutation rules to alter dict.txt input<\/span>
      \npasswords.txt<\/strong> = File containing cracked password results<\/span>
      \noutfile.txt<\/strong> = File containing results of some functions output<\/span><\/h5>\n

      Lastly, as a good reference for testing various hash types to place into your \u201chash.txt\u201d file, the below<\/strong>
      \nsites contain all the various hashing algorithms and example output tailored for each cracking tool:<\/strong><\/p>\n

      HASHCAT HASH FORMAT EXAMPLES<\/strong>
      \n      https:\/\/hashcat.net\/wiki\/doku.php?id=example_hashes<\/a><\/p>\n

      JOHN THE RIPPER HASH FORMAT EXAMPLES<\/strong>
      \n      http:\/\/pentestmonkey.net\/cheat-sheet\/john-the-ripper-hash-formats<\/a>
      \nhttp:\/\/openwall.info\/wiki\/john\/sample-hashes<\/p>\n

      CORE HASH CRACKING KNOWLEDGE-:<\/span><\/h3>\n

      ENCODING vs HASHING vs ENCRYPTING<\/strong>
      \nEncoding = transforms data into a publicly known scheme for usability
      \nHashing = one-way cryptographic function nearly impossible to reverse
      \nEncrypting = mapping of input data and output data reversible with a key<\/p>\n

      CPU vs GPU<\/strong>
      \nCPU = 2\u201372 cores mainly optimized for sequential serial processing
      \nGPU = 1000\u2019s of cores with 1000\u2019s of threads for parallel processing<\/p>\n

      CRACKING TIME = KEYSPACE \/ HASHRATE<\/strong>
      \nKeyspace: charset^length (?a?a?a?a = 95\u2074 = 81,450,625)
      \nHashrate: hashing function \/ hardware power (bcrypt \/ GTX1080 = 13094 H\/s)
      \nCracking Time: 81,450,625 \/ 13094 H\/s = 6,220 seconds
      \n*Keyspace displayed and Hashrate vary by tool and hardware used.
      \nSALT = random data that\u2019s used as additional input to a one-way function
      \nITERATIONS = the number of times an algorithm is run over a given hash<\/p>\n

      HASH IDENTIFICATION<\/h3>\n

      \u201cthere isn\u2019t a foolproof method for identifying which hash function was used by simply looking at the hash, but there are reliable clues (i.e. $6$ sha512crypt).The best method is to know from where the hash was extracted and identify the hash function for that software\u201d<\/p><\/blockquote>\n

      DICTIONARY\/WORDLIST ATTACK<\/strong> = straight attack uses a precompiled list of words, phrases,
      \nand common\/unique strings and Might be genrated according to the Information gathered to attempt to match a password.<\/p>\n

      BRUTE-FORCE ATTACK<\/strong> = attempts every possible combination of a given character set, usually up
      \nto a certain length.(work like the probability mathod to make combinations)<\/p>\n

      RULE ATTACK<\/strong> = generates permutations against a given wordlist by modifying, trimming,
      \nextending, expanding, combining, or skipping words.<\/p>\n

      MASK ATTACK<\/strong> = a form of targeted brute-force attack by using placeholders for characters in certain
      \npositions (i.e<\/strong>. ?a?a?a?l?d?d<\/strong>).<\/p>\n

      HYBRID ATTACK<\/strong> = combines a Dictionary and Mask Attack by taking input from the dictionary and
      \nadding mask placeholders (i.e. dict.txt ?d?d?d)<\/strong>.CRACKING RIG = from a basic laptop to a 64 GPU cluster, this is the hardware\/ platform
      \non which you perform your password hash attacks.<\/p>\n

      EXPECTED RESULTS<\/strong>
      \nKnow your cracking rig\u2019s capabilities by performing benchmark testing and don\u2019t assume you can
      \nachieve the same results posted by forum members without using the exact same dictionary, attack plan,
      \nor hardware setup.Cracking success largely depends on your ability to use resources efficiently and
      \nmake calculated trade-offs based on the target hash.<\/p>\n

      DICTIONARY\/WORDLIST vs BRUTE-FORCE vs ANALYSIS<\/strong>
      \nDictionaries and brute-force are not the end all be all to crack hashes.They are merely the beginning and end of an attack plan.I\u2019ll say True mastery is everything in the middle,where analysis and information gathering of passwords,patterns, behaviors, and policiesaffords the ability to recover that last 20%. Experiment with your attacks and research and compile targeted wordlists with your new knowledge.Do not rely heavily on dictionaries because they can only help you with what is \u201cknown\u201d and not the unknown.In realworld Analysis of target and gather information to make your own dictionary\/wordlist is best way to attack and get credentials of the target easier and faster.<\/p>\n

      CRACKING METHODOLOGY<\/strong>
      \nFollowing is basic cracking methodology broken into steps,but the process is subject to change based on current\/future target information uncovered during the cracking process.<\/p>\n

      1 – EXTRACT HASHES<\/strong>
      \nPull hashes from target,Victim Machine,identify hashing function, and properly format output for your tool of choice.<\/p>\n

      2 – FORMAT HASHES<\/strong>
      \nFormat your hashes based on your tool\u2019s preferred method.See tool documentation for this guidance.
      \nHashcat,for example,on each line takes <user>:<hash> OR just the plain <hash>.<\/p>\n

      3 – EVALUATE HASH STRENGTH<\/strong>
      \nUsing the Appendix table \u201cHash Cracking Speed (Slow-Fast)\u201d assess your target hash and it\u2019s cracking
      \nspeed.If it\u2019s a slow hash,you will need to be more selective at what types of dictionaries and attacks
      \nyou perform.If it\u2019s a fast hash,you can be more liberal with your attack strategy.<\/p>\n

      4 – CALCULATE CRACKING RIG CAPABILITIES<\/strong>
      \nWith the information from evaluating the hash strength,baseline your cracking rig\u2019s capabilities.
      \nPerform benchmark testing using John The Ripper and\/or Hashcat\u2019s built-in benchmark ability on your
      \nrig,it\u2019s totally depends on your hardware.for example have a look..!<\/p>\n

      Hash Crackers\/Bit Coin Miners<\/strong><\/p>\n

      \"\"<\/p>\n

       <\/p>\n

      Fast Hash One<\/strong>
      \n\u2022 1.536TH\/s \u2013 Cost 3-5,000 dollars.<\/p>\n

       <\/p>\n

       <\/p>\n

       <\/p>\n

      \"\"<\/p>\n

      25 GPU Hash Cracker<\/strong>
      \n\u2022 An eight character NTLM password
      \ncracked in 5.5 hours. 14 character LM
      \nhash cracked in six minutes.350 billion
      \nhashes per second.<\/p>\n

       <\/p>\n

       <\/p>\n

      To know about your System capability,use these command to get the result.<\/p>\n

      hashcat --benchmark --force\r\nhashcat -b -m 0 --force\r\n<\/pre>\n
      \"hashcat<\/p>\n
      \"This
      Hashcat speed of cracking MD5 Hash<\/span><\/figcaption><\/figure>\n
       <\/p>\n
       <\/p>\n
       <\/p>\n
       <\/p>\n
       <\/p>\n
       <\/p>\n
       <\/p>\n
       <\/p>\n
       <\/p>\n
       <\/p>\n
       <\/p>\n
       <\/p>\n
      Based on these results you will be able to better assess your attack options by knowing your rigs capabilities against a specific hash. This will be a more accurate result of a hash\u2019s cracking speed based on your rig.It will be useful to save these results for future reference.<\/p>\n
      5 – FORMULATE PLAN<\/strong>
      \nBased on known or unknown knowledge begin creating an attack plan.Included on the next page is a
      \n\u201cBasic Cracking\u201d to get you started.<\/p>\n
      6 – ANALYZE PASSWORDS<\/strong>
      \nAfter successfully cracking a sufficient amount of hashes analyze the results for any clues or patterns.
      \nThis analysis may aid in your success on any remaining hashes.<\/p>\n
      7 – CUSTOM ATTACKS<\/strong>
      \nBased on your password analysis create custom attacks leveraging those known clues or patterns.
      \nExamples would be custom mask attacks or rules to fit target users\u2019 behavior or preferences.just by doing some social engineering and footprinting or depends on your knowldge.<\/p>\n
      8 – ADVANCED ATTACKS<\/strong>
      \nExperiment with Princeprocessor, custom Markov-chains, maskprocessor, or custom dictionary attacks
      \nto shake out those remaining stubborn hashes. This is where your expertise and creativity really come
      \ninto play.<\/p>\n
      9 – REPEAT<\/strong>
      \nGo back to STEP 4 and continue the process over again, tweaking dictionaries, mask, parameters, and
      \nmethods.gather some more information about,You\u2019re in the grind at this point and need to rely on skill and luck.<\/p>\n
      Basic-cracking<\/strong><\/h3>\n
      This is only meant as a basic guide to processing hashes and each scenario will obviously be unique
      \nbased on external circumstances.For this attack plan we will assume we know the password hashes are
      \nraw MD5 and assume we have already captured some plain text passwords of users.If we had no
      \nknowledge of plain text passwords we would most likely skip to DICTIONARY\/WORDLIST attacks.
      \nLastly,since MD5 is a \u201cFast\u201d hash we can be more liberal with our attack plan.<\/p>\n
      1 – CUSTOM WORDLIST<\/strong>
      \nFirst compile your known plain text passwords into a custom wordlist file.Pass this to your tool of
      \nchoice as a straight dictionary attack.<\/p>\n
      hashcat -a 0 -m 0 -w 4 hash.txt custom_list.txt\r\nhashcat -a 0 -m 0 -w 4 hash.txt pass.txt --force<\/pre>\n
      This will work only for MD5 hash where:-<\/p>\n
      -a 0 designates a dictionary attack
      \n-m 0 designates the type of hash we are cracking (MD5)
      \n-w 4 workload profile
      \n-o cracked.txt is the output file for the cracked passwords.
      \nhash.txt is our input file of hashes.
      \ncustom_list.txt is the wordlist file for this dictionary attack.<\/p>\n
      \"Hashcat<\/p>\n
      After cracking the output file will show you the passwords of cracked hashes like down below…<\/p>\n
      \"\"<\/p>\n
       <\/p>\n
       <\/p>\n
       <\/p>\n
      2 – CUSTOM WORDLIST + RULES<\/strong>
      \nRun your custom wordlist with permutation rules to crack slight variations.Rules will help you to get password sooner as you have the information about victim hash.follow this link to know more about rule based attack.after all this is rockyou.txt not custom wordlist you can use according to your victim.<\/p>\n
      https:\/\/www.armourinfosec.com\/performing-rule-based-attack-using-hashcat\/<\/a><\/p>\n
      hashcat -a 0 -m 0 target_hash\/mayhem.hash  \/usr\/share\/wordlists\/rockyou.txt -r rules --debug-mode=1 --debug-file=matched.rule --force<\/pre>\n
      \"hashcat<\/p>\n
      3 – DICTIONARY\/WORDLIST<\/strong>
      \nPerform a broad dictionary attack, looking for common passwords and leaked passwords in well known
      \ndictionaries\/wordlists.I’m using best64.rule of hashcat and rockyou.txt to crack.<\/p>\n
      hashcat -a 0 -m 0 target_hash\/mayhem.hash \/usr\/share\/wordlists\/rockyou.txt -r best64.rule --debug-mode=1 --debug-file=matched.rule --force<\/pre>\n
      \"hashcat<\/p>\n
      4 – DICTIONARY\/WORDLIST + RULES<\/strong>
      \nAdd rule permutations to the broad dictionary attack, looking for subtle changes to common words\/phrases and leaked passwords.<\/p>\n
      hashcat -a 0 -m 0 -w 4 target_hash\/mayhem.hash \/usr\/share\/wordlists\/rockyou.txt -r \/usr\/share\/hashcat\/rules\/best64.rule --debug-mode=1 --debug-file=matched.rule --force\r\n<\/pre>\n
      \"hashcat<\/strong><\/p>\n
      for the output open matched.rule to which rules are worked.<\/p>\n
      5 – CUSTOM WORDLIST + RULES<\/strong>
      \nAdd any newly discovered passwords to your custom wordlist and run an attack again with permutation
      \nrules, looking any other variations,just by hitting the echo or awk to append the new rule.and then use the above command.
      \n:: awk -F \u201c:\u201d \u2018{print $2}\u2019 hashcat.potfile >> custom_list.txt<\/p>\n
      6 – MASK<\/strong>
      \nNow we will use mask attacks included with Hashcat to search the keyspace for common password
      \nlengths and patterns, based on the RockYou dataset.there’s many pattern of passwords inside the rockyou-1-6-.hcmask like our rule based attack.go to the link to find all paths of hashcat       https:\/\/centos.pkgs.org\/6\/forensics-i386\/hashcat-3.00-1.el6.i686.rpm.html <\/a>Already stored masks of hashcat.(note: attack mode will be change -a 0 to -a 3)<\/p>\n
      \"hashcat<\/p>\n
      hashcat -a 3 -m 0 -w 4 target_hash\/mayhem.hash  \/usr\/share\/hashcat\/masks\/rockyou-1-60.hcmask --force\r\n<\/pre>\n
       <\/p>\n
      \"hashcat<\/p>\n
      \"hashcat<\/p>\n
      The list of all recovered passwords of given hashes.<\/p>\n
       <\/p>\n
      7 – HYBRID DICTIONARY + MASK<\/strong>
      \nUsing a dictionary of your choice, conduct hybrid attacks looking for larger variations of common words or known passwords by appending\/prepending masks to those candidates.now i think you’re able to run the commands according to needs.can’t show you all the output screen shots.there’s lots more i have to cover in this blog so lets move on to the next..<\/p>\n
      hashcat -a 7 -m 0 -w 4 hash.txt rockyou-1\u201360.hcmask dict.txt\r\nhashcat -a 6 -m 0 -w 4 hash.txt dict.txt rockyou-1-60.hcmask<\/pre>\n
      8 – CUSTOM WORDLIST + RULES<\/strong>
      \nAdd any newly discovered passwords back to your custom wordlist and run an attack again with
      \npermutation rules looking any other subtle variations.<\/p>\n
      awk -F \u201c:\u201d \u2018{print $2}\u2019 hashcat.potfile >> custom_list.txt\r\nhashcat -a 0 -m 0 -w 4 hash.txt custom_list.txt -r dive.rule --loopback<\/pre>\n
      9 – COMBO<\/strong>
      \nUsing a dictionary of your choice, perform a combo attack by individually combining the dictionary\u2019s
      \npassword candidates together to form new candidates.just mean combinig to dictionary’s to crack the hash.<\/p>\n
      hashcat -a 1 -m 0 -w 4 hash.txt dict.txt dict.txt<\/pre>\n
      10 – CUSTOM HYBRID ATTACK<\/strong>
      \nAdd any newly discovered passwords back to your custom wordlist and perform a hybrid attack against
      \nthose new acquired passwords.<\/p>\n
      awk -F \u201c:\u201d \u2018{print $2}\u2019 hashcat.potfile >> custom_list.txt\r\nhashcat -a 6 -m 0 -w 4 hash. txt custom_list.txt rockyou-1-60.hcmask\r\nhashcat -a 7 -m 0 -w 4 hash. txt rockyou-1-60.hcmask custom_list.txt<\/pre>\n
      11 – CUSTOM MASK ATTACK<\/strong>
      \nBy now the easier, weaker passwords may have fallen to cracking, but still some remain.Using PACK
      \ncreate custom mask attacks based on your currently cracked passwords. Be sure to sort out<\/p>\n
      masks that match the previous rockyou-1-60.hcmask list.\r\nhashcat -a 3 -m 0 -w 4 hash.txt custom_masks.hcmask<\/pre>\n
      12 – BRUTE-FORCE<\/strong>
      \nWhen all else fails begin a standard brute-force attack, being selective as to how large a keyspace your
      \nrig can adequately brute-force. Above 8 characters this is typically pointless due to hardware limitations
      \nand password entropy\/ complexity.This particular mask will attempt to bruteforce an 8 character password.<\/p>\n
      Hashcat has the following charsets built-in:<\/p>\n
      ?l = abcdefghijklmnopqrstuvwxyz (lowercase)\r\n?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ(uppercase)\r\n?d = 0123456789(digits)  \r\n?h = 0123456789abcdef(digit+lowercase)\r\n?H = 0123456789ABCDEF(d+u)\r\n?s = \u00abspace\u00bb!\"#$%&'()*+,-.\/:;<=>?@[\\]^_`{|}~  (special char)\r\n?a = ?l?u?d?s (all alpha + lwrc + digit + special char)\r\n\r\n<\/pre>\n
      hashcat -a 3 -m 0 -w 4 target_hash\/mayhem.hash -i ?a?a?a?a?a?a?a?a --force<\/pre>\n
      \"hashcat<\/p>\n
      \"hashcat<\/p>\n
      ONLINE PASSWORD ANALYSIS RESOURCES<\/strong><\/h4>\n
      WEAKPASS<\/strong>
      \nAnalyzes public password dumps and provides efficient dictionaries for download.
      \nhttp:\/\/weakpass.com\/<\/a>
      \nPASSWORD RESEARCH<\/strong>
      \nImportant password security and authentication research papers in one place.
      \n      http:\/\/www.passwordresearch.com\/<\/a>
      \nTHE PASSWORD PROJECT<\/strong>
      \nCompiled analysis of larger password dumps using PIPAL and PASSPAL tools.
      \n      http:\/\/www.thepasswordproject.com\/leaked_password_lists_and_dictionaries<\/a><\/p>\n
      DICTIONARY \/ WORDLIST<\/strong><\/h4>\n
      DOWNLOAD RESOURCES<\/strong><\/p>\n
      WEAKPASS<\/strong>
      \n      http:\/\/weakpass.com\/wordlist<\/a>
      \nCRACKSTATION DICTIONARY<\/strong>
      \n      https:\/\/crackstation.net\/buy-crackstation-wordlist-password-cracking-dictionary.htm<\/a>
      \nHAVE I BEEN PWNED<\/strong>
      \n*You\u2019ll have to crack the SHA1\u2019s
      \n      https:\/\/haveibeenpwned.com\/passwords<\/a>
      \nSKULL SECURITY WORDLISTS<\/strong>
      \n      https:\/\/wiki.skullsecurity.org\/index.php?title=Passwords<\/a>
      \nCAPSOP<\/strong>
      \n      https:\/\/wordlists.capsop.com\/<\/a>
      \nUNIX-NINJA DNA DICTIONARY<\/strong>
      \n*Dictionary link at bottom of article*
      \n      https:\/\/www.unix-ninja.com\/p\/Password_DNA<\/a>
      \nPROBABLE-WORDLIST<\/strong>
      \n      https:\/\/github.com\/berzerk0\/Probable-Wordlists<\/a>
      \nEFF-WORDLIST<\/strong>
      \nLong-list (7,776 words) & Short-list (1,296 words)
      \n      https:\/\/www.eff.org\/files\/2016\/07\/18\/eff_large_wordlist.txt<\/a>
      \n      https:\/\/www.eff.org\/files\/2016\/09\/08\/eff_short_wordlist_1.txt<\/a>
      \nRAINBOW TABLES<\/strong>
      \n*Rainbow Tables are for the most part obsolete but provided here for reference*
      \n      http:\/\/project-rainbowcrack.com\/table.htm<\/a><\/p>\n
      TARGETED WORDLISTS<\/strong><\/h4>\n
      CeWL<\/strong>
      \nCustom wordlist generator scrapes & compiles keywords from websites.
      \n      https:\/\/digi.ninja\/projects\/cewl.php<\/a>
      \nExample scan depth of 2 and minimum word length of 5 output to wordlist.txt<\/p>\n
      cewl -d 2 -m 5 -w wordlist.txt http:\/\/<target website><\/pre>\n
      \"Cewl<\/strong><\/p>\n
      SMEEGESCRAPE<\/strong>
      \nText file and website scraper which generates custom wordlists from content.
      \n      http:\/\/www.smeegesec.com\/2014\/01\/smeegescrape-text-scraper-and-custom.html<\/a>
      \nCompile unique keywords from text file and output into wordlist.<\/p>\n
      SmeegeScrape.py -f file.txt -o wordlist.txt<\/pre>\n
      Scrape keywords from target website and output into wordlist.<\/p>\n
      SmeegeScrape.py -u http:\/\/<target website> -si -o wordlist.txt<\/pre>\n
      GENERATE PASSWORD HASHES<\/strong><\/p>\n
      HASHCAT<\/strong>
      \n      https:\/\/github.com\/hashcat\/hashcat\/tree\/master\/tools<\/a><\/p>\n
      test.pl passthrough <#type> <#> dict.txt<\/pre>\n
      MDXFIND<\/strong>
      \nhttps:\/\/hashes.org\/mdxfind.php<\/p>\n
      echo | mdxfind -z -h \u2018<#type>\u2019 dict.txt<\/pre>\n
      LYRICPASS (Song Lyrics Password Generator)<\/strong><\/p>\n
       python3 lyricpass.py -a \"eminem\"\r\n<\/pre>\n
      \"lyrics<\/p>\n
      ONLINE HASH CRACKING SERVICES<\/strong><\/h4>\n
      GPUHASH<\/strong>
      \n      https:\/\/gpuhash.me\/<\/a>
      \nCRACKSTATION<\/strong>
      \n      https:\/\/crackstation.net\/<\/a>
      \nONLINE HASH CRACK<\/strong>
      \n      https:\/\/www.onlinehashcrack.com\/<\/a>
      \nHASH HUNTERS<\/strong>
      \n      http:\/\/www.hashhunters.net\/<\/a><\/p>\n
      COMMON HASH EXAMPLES<\/strong><\/span><\/p>\n
      MD5, NTLM, NTLMv2, LM, MD5crypt, SHA1, SHA256, bcrypt, PDF 1.4 - 1.6 (Acrobat 5-8),\r\nMicrosoft OFFICE 2013, RAR3-HP, Winzip, 7zip, Bitcoin\/Litecoin, MAC OSX v10.5-v10.6,\r\nMySQL 4.1-5+, Postgres, MSSQL(2012)-MSSQL(2014), Oracle 11g, Cisco TYPE 4 5 8 9, WPA\r\nPSK \/ WPA2 PSK<\/pre>\n
      MDS (<\/strong>HASHCAT)<\/p>\n
      HASH FORMAT
      \n8743b52063cd84097a65dl633f5c74f5<\/p>\n
      BRUTE FORCE ATTACK<\/strong><\/p>\n
      hashcat -m 0 -a 3 hash.txt ?a?a?a?a?a?a<\/pre>\n
      WORDLIST ATTACK<\/strong><\/p>\n
      hashcat -m 0 -a 0 hash.txt dict.txt<\/pre>\n
      WORDLIST + RULE ATTACK<\/strong><\/p>\n
      hashcat -m 0 -a 0 hash.txt dict.txt -r rule.txt<\/pre>\n
      NTLM (PWDUMP)<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \nb4b9b02e6f09a9bd760f388b67351e2b
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 1000 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 1000 -a 0 hash.txt dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 1000 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      LM<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \n$LM$a9c604d244c4e99d
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 3000 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 3000 -a 0 hash.txt dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 3000 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      MD5CRYPT<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \n$1$28772684$iEwNOgGugq09.bIz5sk8k\/
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 500 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 500 -a 0 hash.txt dict.txtWORDLIST + RULE ATTACK
      \nhashcat -m 500 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      SHA1<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \nb89eaac7e61417341b710b727768294d0e6a277b
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 100 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 100 -a 0 hash.txt dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 100 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      SHA256<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \n127e6fbfe24a750e72930c220a8el38275656b8e5d8f48a98c3c92df2caba935
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 1400 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 1400 -a 0 hash.txt dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 1400 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      BCRYPT<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \n$2a$05$LhayLxezLhKlLhWvKxCyLOj0jlu.Kj0jZ0pEmml34uzrQlFvQDLF6<\/p>\n
      BRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 3200 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 3200 -a 0 hash.txt dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 3200 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      PDF 1.4 – 1.6 (ACROBAT 5-8)<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \n$pdf$2*3*128*-1028*l*16*da42eel5d4b3e08fe5b9ecea0e02ad0f*32*c9b59d72c7c670c42eeb
      \n4fcald2cal5000000000000000000000000000000000*32*c4ff3e868dc87604626c2b8c259297al
      \n4d58c6309c70b00afdfblfbbal0ee571
      \nEXTRACT HASH<\/strong>
      \npdf2hashcat.py example.pdf > hash.txt
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 10500 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 10500 -a 0 hash.txt dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 10500 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      MICROSOFT OFFICE 2013<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \nexample.docx:$office$*2013*100000*256*16*7dd611d7eb4c899f74816dldec817b3b*948dc0
      \nb2c2c6c32fl4b5995a543ad037*0b7ee0e48e935f937192a59de48a7d561ef2691d5c8a3ba87ec2d
      \n04402a94895
      \nEXTRACT HASH<\/strong>
      \noffice2hashcat.py example.docx > hash.txt
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 9600 -a 3 –username hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 9600 -a 0 –username hash.txt dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 9600 -a 0 –username hash.txt dict.txt -r rule.txt<\/p>\n
      RAR3-HP (ENCRYPTED HEADER)<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \n$RAR3$*0*45109af8ab5f297a*adbf6c5385d7a40373e8f77d7b89d317
      \n#!Ensure to remove extraneous rar2john output to match above hash!#
      \nEXTRACT HASH<\/strong>
      \nrar2john.py example.rar > hash.txt
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 12500 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 12500 -a 0 hash.txt dict.txtWORDLIST + RULE ATTACK
      \nhashcat -m 12500 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      WINZIP<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \n$zip2$*0*3*0*b5d2b7bf57ad5e86a55c400509c672bd*d218*0**ca3d736d03a34165cfa9*$\/ zip2$
      \n#!Ensure to remove extraneous zip2john output to match above hash!#
      \nEXTRACT HASH<\/strong>
      \nzip2john.py example.zip > hash.txt
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 13600 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 13600 -a 0 hash.txt dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 13600 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      7-ZIP<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \n$7z$0$19$0$salt$8$f6196259a7326e3f0000000000000000$185065650$112$98$f3bc2a88062c
      \n419a25acd40c0c2d75421cf23263f69c51bl3f9blaada41a8a09f9adeae45d67c60b56aad338f20c
      \n0dcc5eb811c7a61128ee0746f922cdb9c59096869f341c7a9cblac7bb7d771f546b82cf4e6flla5e
      \nCd4b61751e4d8de66dd6e2dfb5b7dl022d2211e2d66eal703f96
      \n#!Ensure to remove extraneous 7zip2john output to match above hash!#
      \nEXTRACT HASH<\/strong>
      \n7z2john.py example.7z > hash.txt
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 11600 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 11600 -a 0 hash.txt dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 11600 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      BITCOIN \/ LITECOIN<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \n$bitcoin$96$d011alb6a8d675b7a36d0cd2efaca32a9f8dcld57d6d01a58399ea04e703e8bbb448
      \n99039326f7a00fl71a7bbc854a54$16$1563277210780230$158555$96$628835426818227243334
      \n570448571536352510740823233055715845322741625407685873076027233865346542174$66$6
      \n25882875480513751851333441623702852811440775888122046360561760525
      \nEXTRACT HASH<\/strong>
      \nbitcoin2john.py wallet.dat > hash.txt
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 11300 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 11300 -a 0 hash.txt dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 11300 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      MAC OS X 10.8-10.12<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \nusername:$ml$35714$50973de90d336b5258f01e48ab324aa9ac81ca7959ac470d3d9c4395af624
      \n398$631a0ef84081b37cfe594a5468cf3a63173cd2ec25047b89457ed300f2b41b30a0792a39912f
      \nC5f3f7be8f74b7269ee3713172642de96ee482432a8dl2bf291a
      \nEXTRACT HASH<\/strong>
      \nsudo plist2hashcat.py \/var\/db\/dslocal\/nodes\/Default\/users\/<username>.plist
      \nBRUTE FORCE ATTACKhashcat -m 122 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 122 -a 0 hash.txt dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 122 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      MYSQL4.1 \/ MYSQL5+ (DOUBLE SHA1)<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \nFCF7C1B8749CF99D88E5F34271D636178FB5D130
      \nEXTRACT HASH<\/strong>
      \nSELECT user,password FROM mysql.user INTO OUTFILE \u2018\/tmp\/hash.txt\u2019;
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 300 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 300 -a 0 hash.txt dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 300 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      POSTGRESQL<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \na6343a68d964ca596d9752250d54bb8a:postgres
      \nEXTRACT HASH<\/strong>
      \nSELECT username, passwd FROM pg_shadow;
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 12 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 12 -a 0 hash.txt dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 12 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      MSSQL(2012), MSSQL(2014)<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \n0x02000102030434ealbl7802fd95ea6316bd61d2c94622ca3812793e8fbl672487b5c904a45a31b
      \n2ab4a78890d563d2fcf5663e46fe797d71550494be50cf4915d3f4d55ec375
      \nEXTRACT HASH<\/strong>
      \nSELECT SL.name,SL.password_hash FROM sys.sql_logins AS SL;
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 1731 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 1731 -a 0 hash.txt dict.txt<\/p>\n
      WORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 1731 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      ORACLE 11G<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \nac5fle62d21fd0529428b84d42e8955b04966703:38445748184477378130
      \nEXTRACT HASH<\/strong>
      \nSELECT SL.name,SL.password_hash FROM sys.sql_logins AS SL;
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 112 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 112 -a 0 hash.txt dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 112 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      CISCO TYPE 4 (SHA256)<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \n2btjjy78REtmYkkW0csHUbDZOstRXoWdX1mGrmmfeHI
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 5700 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 5700 -a 0 hash.txt dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 5700 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      CISCO TYPE 5 (MD5)<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \n$l$28772684$iEwN0gGugq09.bIz5sk8k\/
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 500 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 500 -a 0 hash.txt dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 500 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      CISCO TYPE 9 (SCRYPT)<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \n$9$2MJBozw\/9R3UsU$21FhcKvpghcyw8deP25G0fyZaagyU0GBymkryv0dfo6
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 9300 -a 3 hash.txt ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 9300 -a 0 hash.txt dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -m 9300 -a 0 hash.txt dict.txt -r rule.txt<\/p>\n
      WPA PSK \/ WPA2 PSK<\/strong><\/p>\n
      HASH FORMAT<\/strong>
      \n*Capture 4-way authentication handshake > capture.cap
      \ncap2hccapx.bin capture.cap capture_out.hccapx
      \nBRUTE FORCE ATTACK<\/strong>
      \nhashcat -m 2500 -a 3 capture_out.hccapx ?a?a?a?a?a?a
      \nWORDLIST ATTACK<\/strong>
      \nhashcat -m 2500 -a 3 capture_out.hccapx dict.txt
      \nWORDLIST + RULE ATTACK<\/strong>
      \nhashcat -a 0 capture_out.hccapx dict.txt -r rule.txt<\/p>\n
      ONLINE RESOURCES<\/strong><\/span><\/p>\n
      HASHCAT
      \n      https:\/\/hashcat.net\/wiki\/<\/a>
      \n      https:\/\/hashcat.net\/wiki\/doku.php?id=hashcat_utilshttps:\/\/hashcat.net\/wiki\/doku.php?id=statsprocessor<\/a>
      \n      http:\/\/www.netmux.com\/blog\/ultimate-guide-to-cracking-foreign-character-passwords-using-has<\/a>
      \n      http:\/\/www.netmux.com\/blog\/cracking-12-character-above-passwords<\/a><\/p>\n
      CRACKING RIGS<\/strong>
      \n      http:\/\/www.netmux.com\/blog\/how-to-build-a-password-cracking-rig<\/a>
      \n      https:\/\/www.unix-ninja.com\/p\/Building_a_Password_Cracking_Rig_for_Hashcat_-_Part_III<\/a><\/p>\n
      EXAMPLE HASH GENERATION<\/strong>
      \n      https:\/\/www.onlinehashcrack.com\/hash-generator.php<\/a>
      \n      https:\/\/www.tobtu.com\/tools.php<\/a>
      \n      http:\/\/hash.online-convert.com\/<\/a>
      \n      https:\/\/www.tools4noobs.com\/online_tools\/hash\/<\/a>
      \n      https:\/\/quickhash.com\/<\/a>
      \n      http:\/\/bitcoinvalued.com\/tools.php<\/a>
      \n      http:\/\/www.sha1-online.com\/<\/a>
      \n      http:\/\/www.freeformatter.com\/hmac-generator.html<\/a>
      \n      http:\/\/openwall.info\/wiki\/john\/Generating-test-hashes<\/a><\/p>\n
      OTHER
      \n      http:\/\/blog.thireus.com\/cracking-story-how-i-cracked-over-122-million-sha1-and-md5-hashed-<\/a>
      \npasswords\/
      \n      http:\/\/www.utf8-chartable.de\/<\/a>
      \n      http:\/\/thesprawl.org\/projects\/pack\/<\/a>
      \n      https:\/\/blog.gotmilk.com\/2011\/06\/dictionaries-wordlists\/<\/a>
      \n      http:\/\/wpengine.com\/unmasked\/<\/a><\/p>\n
      NETMUX<\/strong>
      \n      http:\/\/www.netmux.com<\/a>
      \n      http:\/\/www.hashcrack.io<\/a>
      \n      https:\/\/github.com\/netmux<\/a>
      \n      https:\/\/twitter.com\/netmux<\/a>
      \n      https:\/\/www.instagram.com\/netmux\/<\/a><\/p>\n
      If you’re reading this last line a huge thank’s and i’m gonna cover John the ripper to the nest blog it will contain all the screen shots of the all cracking methodology with commands and everything which left in hashcat.hope you learn something new,Thank you.<\/p>\n","protected":false},"excerpt":{"rendered":"
      Password Cracking with Hashcat Hello Friends, Today I’m going to explain the Hashcat password Cracking Tool, As I learn from…<\/p>\n","protected":false},"author":1,"featured_media":25631,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,90],"tags":[],"yoast_head":"\nPassword Cracking with Hashcat - Armour Infosec<\/title>\n<meta name=\"description\" content=\"Hashcat is a well-known password cracker. It is designed to break even the most complex passwords. Hashcat may be the world's best password cracking.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.armourinfosec.com\/password-cracking-with-hashcat\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Password Cracking with Hashcat - Armour Infosec\" \/>\n<meta property=\"og:description\" content=\"Hashcat is a well-known password cracker. It is designed to break even the most complex passwords. Hashcat may be the world's best password cracking.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.armourinfosec.com\/password-cracking-with-hashcat\/\" \/>\n<meta property=\"og:site_name\" content=\"Armour Infosec\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ArmourInfosec\" \/>\n<meta property=\"article:published_time\" content=\"2020-02-18T11:27:30+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-03-30T08:07:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.armourinfosec.com\/wp-content\/uploads\/2020\/02\/hashcat.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"450\" \/>\n\t<meta property=\"og:image:height\" content=\"300\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Armour Infosec\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ArmourInfosec\" \/>\n<meta name=\"twitter:site\" content=\"@ArmourInfosec\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Armour Infosec\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"23 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.armourinfosec.com\/password-cracking-with-hashcat\/\",\"url\":\"https:\/\/www.armourinfosec.com\/password-cracking-with-hashcat\/\",\"name\":\"Password Cracking with Hashcat - Armour Infosec\",\"isPartOf\":{\"@id\":\"https:\/\/www.armourinfosec.com\/#website\"},\"datePublished\":\"2020-02-18T11:27:30+00:00\",\"dateModified\":\"2020-03-30T08:07:58+00:00\",\"author\":{\"@id\":\"https:\/\/www.armourinfosec.com\/#\/schema\/person\/1d8ec30560e735c34fa5d464a1357308\"},\"description\":\"Hashcat is a well-known password cracker. It is designed to break even the most complex passwords. Hashcat may be the world's best password cracking.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.armourinfosec.com\/password-cracking-with-hashcat\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.armourinfosec.com\/password-cracking-with-hashcat\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.armourinfosec.com\/password-cracking-with-hashcat\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.armourinfosec.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Password Cracking with Hashcat\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.armourinfosec.com\/#website\",\"url\":\"https:\/\/www.armourinfosec.com\/\",\"name\":\"Armour Infosec\",\"description\":\"Do Your Part - Be Security Smart\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.armourinfosec.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.armourinfosec.com\/#\/schema\/person\/1d8ec30560e735c34fa5d464a1357308\",\"name\":\"Armour Infosec\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.armourinfosec.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/17f812901d8294702576e81ddce5aa92?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/17f812901d8294702576e81ddce5aa92?s=96&d=mm&r=g\",\"caption\":\"Armour Infosec\"},\"sameAs\":[\"https:\/\/www.armourinfosec.com\/\"],\"url\":\"https:\/\/www.armourinfosec.com\/author\/admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Password Cracking with Hashcat - Armour Infosec","description":"Hashcat is a well-known password cracker. It is designed to break even the most complex passwords. Hashcat may be the world's best password cracking.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.armourinfosec.com\/password-cracking-with-hashcat\/","og_locale":"en_US","og_type":"article","og_title":"Password Cracking with Hashcat - Armour Infosec","og_description":"Hashcat is a well-known password cracker. It is designed to break even the most complex passwords. Hashcat may be the world's best password cracking.","og_url":"https:\/\/www.armourinfosec.com\/password-cracking-with-hashcat\/","og_site_name":"Armour Infosec","article_publisher":"https:\/\/www.facebook.com\/ArmourInfosec","article_published_time":"2020-02-18T11:27:30+00:00","article_modified_time":"2020-03-30T08:07:58+00:00","og_image":[{"width":450,"height":300,"url":"https:\/\/www.armourinfosec.com\/wp-content\/uploads\/2020\/02\/hashcat.jpg","type":"image\/jpeg"}],"author":"Armour Infosec","twitter_card":"summary_large_image","twitter_creator":"@ArmourInfosec","twitter_site":"@ArmourInfosec","twitter_misc":{"Written by":"Armour Infosec","Est. reading time":"23 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.armourinfosec.com\/password-cracking-with-hashcat\/","url":"https:\/\/www.armourinfosec.com\/password-cracking-with-hashcat\/","name":"Password Cracking with Hashcat - Armour Infosec","isPartOf":{"@id":"https:\/\/www.armourinfosec.com\/#website"},"datePublished":"2020-02-18T11:27:30+00:00","dateModified":"2020-03-30T08:07:58+00:00","author":{"@id":"https:\/\/www.armourinfosec.com\/#\/schema\/person\/1d8ec30560e735c34fa5d464a1357308"},"description":"Hashcat is a well-known password cracker. It is designed to break even the most complex passwords. Hashcat may be the world's best password cracking.","breadcrumb":{"@id":"https:\/\/www.armourinfosec.com\/password-cracking-with-hashcat\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.armourinfosec.com\/password-cracking-with-hashcat\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.armourinfosec.com\/password-cracking-with-hashcat\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.armourinfosec.com\/"},{"@type":"ListItem","position":2,"name":"Password Cracking with Hashcat"}]},{"@type":"WebSite","@id":"https:\/\/www.armourinfosec.com\/#website","url":"https:\/\/www.armourinfosec.com\/","name":"Armour Infosec","description":"Do Your Part - Be Security Smart","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.armourinfosec.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.armourinfosec.com\/#\/schema\/person\/1d8ec30560e735c34fa5d464a1357308","name":"Armour Infosec","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.armourinfosec.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/17f812901d8294702576e81ddce5aa92?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/17f812901d8294702576e81ddce5aa92?s=96&d=mm&r=g","caption":"Armour Infosec"},"sameAs":["https:\/\/www.armourinfosec.com\/"],"url":"https:\/\/www.armourinfosec.com\/author\/admin\/"}]}},"menu_order":0,"_links":{"self":[{"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/posts\/25505"}],"collection":[{"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/comments?post=25505"}],"version-history":[{"count":0,"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/posts\/25505\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/media\/25631"}],"wp:attachment":[{"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/media?parent=25505"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/categories?post=25505"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/tags?post=25505"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}