Introduction
Hashcat is a popular password auditing utility used by professionals in the cybersecurity industry. It can use the GPUs on graphics cards to compute the hashes of candidate passwords, either taken from a wordlist or generated from a pattern. Why is this significant? Hashing algorithms are one-way functions: they turn input of any length into a fixed-length digest that is cheap to compute but infeasible to reverse. Cheap is not free, though, and recovering a password from its hash means computing the hash of guess after guess until one matches the target. A GPU contains thousands of simple cores and can run that guess-and-compare loop in parallel at a rate far beyond a typical desktop processor. Before we go over how to use hashcat to crack a password, it helps to understand what it is doing and how password authentication typically works.
What are Passwords?
Passwords are stored as hashes by the services we use (at least they should be). These organizations never know what your password is, only the hash that represents it. When you enter your password into a login form, the server puts it through one of these hashing functions and a fixed-length hash is produced. The server then looks up the stored hash for your account in its user database and compares it to the hash it just computed from the supplied password. If the two match, the server knows the correct password was supplied and access is granted; if they do not match, the password was wrong and access is denied. A well-designed system also mixes a random per-user salt into the hash, so two users with the same password do not share a hash and an attacker cannot hash a wordlist once and reuse the results against every account. There are many types of hashing algorithms.
Some of the more popular algorithms include Message Digest 5 (MD5), the Secure Hash Algorithm family (SHA-1, SHA-256 and so on), Microsoft's LAN Manager (LM) and NT LAN Manager (NTLM) hashes, and the deliberately slow password-hashing functions scrypt and bcrypt; the full list goes on and will be reserved for a later blog post. What you need to know is that the more work an algorithm does per hash, the more processing time each guess costs the attacker. MD5 and NTLM sit at the fast end of the spectrum (a single GPU computes billions of them per second), while bcrypt and scrypt sit at the slow end because they are designed to be expensive to compute, scrypt additionally demanding a large amount of memory per hash. Hashcat can compute all of these hash types and many others.
Putting it all together
At a minimum hashcat needs the hash mode, the attack mode, the hash file and, for attack modes that use one, a wordlist:
hashcat -m [hash mode] -a [attack type] [hash file] [wordlist]
The -m option supplies the hash mode, a number that identifies the hash type. 0 is MD5, 100 is SHA1, 1000 is NTLM, and so on; hashcat --help prints the full table and hashcat --example-hashes prints a sample hash for each mode so you can check that your input is in the format hashcat expects.
The -a option supplies the attack mode. There are 5 attack modes:
- 0 for a straight attack
- 1 for a combination attack
- 3 for a brute-force attack (hashcat calls this a mask attack)
- 6 for a hybrid wordlist + mask
- 7 for a hybrid mask + wordlist
The straight attack hashes each word in the wordlist in turn and compares the result against the target hashes until a match is found or the list is exhausted. A combination attack takes two wordlists and tries every concatenation of a word from the first with a word from the second. A brute-force attack uses no wordlist; it generates every candidate that fits a mask you supply. A hybrid wordlist + mask attack appends every mask candidate to every word in the list, and the hybrid mask + wordlist attack does the same with the mask in front of the word. You may be asking: what is a mask?
A mask describes the candidates position by position. Each position is either a literal character or one of hashcat's built-in character sets, written as a ? followed by a letter:
- ?l represents all lowercase letters
- ?u represents all uppercase letters
- ?d represents all digits 0-9
- ?h represents all hex characters 0-9 and a-f
- ?H represents all hex characters 0-9 and A-F
- ?s represents the 33 printable special characters, space included
- ?a represents every printable ASCII character (?l?u?d?s, 95 in total)
- ?b represents every byte value 0x00-0xff
So ?u?l?l?l?d?d matches Pass12 and every other capitalized four-letter word followed by two digits, and its keyspace is 26 x 26 x 26 x 26 x 10 x 10 candidates. A literal question mark is written ??, and the -1 through -4 options define custom character sets (for example -1 ?l?d makes ?1 stand for lowercase letters and digits).
The hash file contains the hashes to be cracked, one per line. On a Linux system this can be the password-hash field cut from the shadow file (the $6$ sha512crypt entries are mode 1800); hashcat expects just the hash, not the whole shadow line, unless you pass --username and give it user:hash pairs.
The wordlist file, when used, is a list of candidate strings, typically words, one per line; it can be as small as a single entry and as large as the disk capacity you have. One popular wordlist is rockyou.txt, built from the roughly 14 million unique passwords exposed in the 2009 breach of the RockYou organization [1].
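To make the attack modes and mask syntax concrete, here is an added Python miniature of what hashcat does for -a 0 and -a 3 against the five MD5 hashes used later in this post. It is example code written for this post, not hashcat's code: the candidate order differs from hashcat's (which uses Markov ordering by default), it hashes a few hundred thousand candidates per second rather than billions, and the tiny WORDLIST is a constructed stand-in for rockyou.txt. It also answers the question the brute-force run later raises, namely how big an 8-character ?a keyspace is and how long it takes at the rate the GTX 1080 reports.

```python
import hashlib
import itertools
import string

# hashcat's built-in charsets (as listed in hashcat --help). ?s includes the
# space character, so ?a is the 95 printable ASCII characters.
CHARSETS = {
    "l": string.ascii_lowercase,
    "u": string.ascii_uppercase,
    "d": string.digits,
    "h": "0123456789abcdef",
    "H": "0123456789ABCDEF",
    "s": " " + string.punctuation,
}
CHARSETS["a"] = CHARSETS["l"] + CHARSETS["u"] + CHARSETS["d"] + CHARSETS["s"]


def parse_mask(mask: str) -> list[str]:
    """Turn a mask such as '?u?l?l?d' into one charset string per position.
    A literal character is a one-element charset; '??' is a literal '?'."""
    positions, i = [], 0
    while i < len(mask):
        if mask[i] != "?":
            positions.append(mask[i])
            i += 1
            continue
        if i + 1 >= len(mask):
            raise ValueError("dangling '?' at end of mask")
        key = mask[i + 1]
        if key == "?":
            positions.append("?")
        elif key in CHARSETS:
            positions.append(CHARSETS[key])
        else:
            raise ValueError(f"unknown charset ?{key}")
        i += 2
    return positions


def keyspace(mask: str, increment: bool = False) -> int:
    """Number of candidates the mask generates. With increment=True the mask
    is run at every length from 1 up to its full length, as --increment does."""
    positions = parse_mask(mask)
    lengths = range(1, len(positions) + 1) if increment else [len(positions)]
    total = 0
    for n in lengths:
        size = 1
        for charset in positions[:n]:
            size *= len(charset)
        total += size
    return total


def straight_attack(hashes: list[str], wordlist: list[str]) -> dict[str, str]:
    """-a 0: hash each wordlist entry once and look it up in the target set."""
    targets, cracked = set(hashes), {}
    for word in wordlist:
        digest = hashlib.md5(word.encode()).hexdigest()
        if digest in targets:
            cracked[digest] = word
            if len(cracked) == len(targets):
                break
    return cracked


def mask_attack(hashes: list[str], mask: str, increment: bool = False) -> dict[str, str]:
    """-a 3: enumerate every candidate the mask describes, shortest length first."""
    targets, cracked = set(hashes), {}
    positions = parse_mask(mask)
    lengths = range(1, len(positions) + 1) if increment else [len(positions)]
    for n in lengths:
        for combo in itertools.product(*positions[:n]):
            digest = hashlib.md5("".join(combo).encode()).hexdigest()
            if digest in targets:
                cracked[digest] = "".join(combo)
                if len(cracked) == len(targets):
                    return cracked
    return cracked


def seconds_to_exhaust(mask: str, hashes_per_second: float, increment: bool = False) -> float:
    """Worst-case wall-clock time to run the whole mask at a given rate."""
    return keyspace(mask, increment) / hashes_per_second


# The five digests from md5.hash in this post.
MD5_HASHES = [
    "48d6215903dff56238e52e8891380c8f",
    "bda9643ac6601722a28f238714274da4",
    "bb7aedfa61007447dd6efaf9f37641e3",
    "9f27410725ab8cc8854a2769c7a516b8",
    "d508fe45cecaf653904a0e774084bb5c",
]
# Constructed stand-in for rockyou.txt: a few of its top entries plus the colours.
WORDLIST = ["123456", "password", "iloveyou", "blue", "red", "purple", "green", "white"]

if __name__ == "__main__":
    print(straight_attack(MD5_HASHES, WORDLIST))
    print(mask_attack(MD5_HASHES, "?l?l?l?l", increment=True))   # only red and blue fit
    print(keyspace("?a?a?a?a?a?a"), keyspace("?a?a?a?a?a?a?a?a", increment=True))
    print(seconds_to_exhaust("?a?a?a?a?a?a?a?a", 7039e6) / 86400, "days at 7039 MH/s")
```

The ?a?a?a?a?a?a keyspace the function reports, 735,091,890,625, is 95^6 and is exactly the Progress denominator hashcat prints in the brute-force run below; the full 8-character ?a mask is 95^8, about 6.6 quadrillion candidates, or roughly 11 days at the card's MD5 rate. Swap the MD5 call for a slow hash and the same arithmetic turns into years, which is why mask attacks are chosen with the hash type in mind.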
Hashcat in Action
Given a file called md5.hash with 5 MD5 hashes inside, one per line:
$ cat md5.hash
48d6215903dff56238e52e8891380c8f
bda9643ac6601722a28f238714274da4
bb7aedfa61007447dd6efaf9f37641e3
9f27410725ab8cc8854a2769c7a516b8
d508fe45cecaf653904a0e774084bb5c
And the rockyou.txt password dump:
$ head rockyou.txt
123456
12345
123456789
password
iloveyou
princess
1234567
rockyou
12345678
abc123
We can attempt to crack the MD5 hashes in the md5.hash hash file using a straight attack with the rockyou.txt wordlist using hashcat:
$ hashcat -m 0 -a 0 md5.hash rockyou.txt
hashcat (v6.0.0) starting...
...
d508fe45cecaf653904a0e774084bb5c:white
9f27410725ab8cc8854a2769c7a516b8:green
bb7aedfa61007447dd6efaf9f37641e3:purple
48d6215903dff56238e52e8891380c8f:blue
bda9643ac6601722a28f238714274da4:red
Session..........: hashcat
Status...........: Cracked
Hash.Name........: MD5
Hash.Target......: md5.hash
Time.Started.....: Tue Dec 1 00:25:35 2020 (0 secs)
Time.Estimated...: Tue Dec 1 00:25:35 2020 (0 secs)
Guess.Base.......: File (rockyou.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 33033.0 kH/s (7.28ms) @ Accel:1024 Loops:1 Thr:64 Vec:1
Recovered........: 5/5 (100.00%) Digests
Progress.........: 1310720/14344386 (9.14%)
Rejected.........: 0/1310720 (0.00%)
Restore.Point....: 0/14344386 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidates.#1....: 123456 -> saytown
Hardware.Mon.#1..: Temp: 30c Fan: 27% Util: 25% Core:1898MHz Mem:4513MHz Bus:16
Started: Tue Dec 1 00:25:35 2020
Stopped: Tue Dec 1 00:25:36 2020
The output shows that the hashes were cracked and the passwords are white, green, purple, blue, and red. Hashcat was able to do this because all five words are in the rockyou.txt wordlist; note from the Progress line that it found them after reading only 9.14% of the list and then stopped. But what if we wanted to brute-force those hashes instead of relying on a wordlist? Because the MD5 hashing algorithm is cheap to compute and I utilize a GTX 1080 graphics card, we can do this:
$ hashcat -m 0 -a 3 md5.hash ?a?a?a?a?a?a?a?a --increment
hashcat (v6.0.0) starting...
...
d508fe45cecaf653904a0e774084bb5c:white
9f27410725ab8cc8854a2769c7a516b8:green
bb7aedfa61007447dd6efaf9f37641e3:purple
48d6215903dff56238e52e8891380c8f:blue
bda9643ac6601722a28f238714274da4:red
Session..........: hashcat
Status...........: Cracked
Hash.Name........: MD5
Hash.Target......: md5.hash
Time.Started.....: Tue Dec 1 00:32:15 2020 (0 secs)
Time.Estimated...: Tue Dec 1 00:32:15 2020 (0 secs)
Guess.Mask.......: ?a?a?a?a?a?a [6]
Guess.Queue......: 6/8 (75.00%)
Speed.#1.........: 7039.0 MH/s (9.25ms) @ Accel:16 Loops:256 Thr:1024 Vec:1
Recovered........: 5/5 (100.00%) Digests
Progress.........: 167772160/735091890625 (0.02%)
Rejected.........: 0/167772160 (0.00%)
Restore.Point....: 0/81450625 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:256-512 Iteration:0-256
Candidates.#1....: .mnier -> AR4i_1
Hardware.Mon.#1..: Temp: 36c Fan: 27% Util: 77% Core:1860MHz Mem:4513MHz Bus:16
Started: Tue Dec 1 00:32:09 2020
Stopped: Tue Dec 1 00:32:16 2020
Again the passwords were recovered as before. This time we chose the -a 3 attack mode, the brute-force (mask) attack. Instead of supplying a wordlist like rockyou, we supplied the mask ?a?a?a?a?a?a?a?a with the --increment option, which tells hashcat to try every combination of printable characters at every length from 1 up to 8, shortest first. The Guess.Mask line shows it finished at length 6 (the length of purple), and the Progress denominator, 735,091,890,625, is 95^6, the number of 6-character printable strings. Exhausting the full length-8 keyspace would mean 95^8, about 6.6 quadrillion candidates, which at the 7,039 MH/s shown above is roughly 11 days; against a deliberately slow algorithm such as bcrypt the same mask would be hopeless. As I said before, this was only practical because a weak hashing algorithm met a powerful graphics card.
Conclusion
Hashcat is an awesome and powerful tool to audit passwords. There are many different password attacks and this tutorial only skimmed the surface. I suggest playing some CTFs or finding some practice hash files on the internet. Having the knowledge to utilize hashcat will provide significant benefits to a cybersecurity career.
References
[1] J. Leyden, "RockYou hack reveals easy-to-crack passwords," The Register, 21 Jan. 2010. [Online]. Available: https://www.theregister.com/2010/01/21/lame_passwords_exposed_by_rockyou_hack/. [Accessed: 1 Dec. 2020].