Hashcat

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
Hashcat
Developer(s)Jens 'atom' Steube, Gabriele 'matrix' Gristina
Stable release
5.1.0 / 2 December 2018; 6 months ago (2018-12-02)
Operating systemCross-platform
TypePassword cracking
LicenseMIT License
Websitehashcat.net/hashcat/

Hashcat is the self-proclaimed world's fastest password recovery tool. It had a proprietary code base until 2015, but is now released as free software. Versions are available for Linux, OS X, and Windows and can come in CPU-based or GPU-based variants. Examples of hashcat-supported hashing algorithms are Microsoft LM hashes, MD4, MD5, SHA-family, Unix Crypt formats, MySQL, and Cisco PIX.

Hashcat has made its way into the news many times for the optimizations and flaws discovered by its creator, which were exploited in subsequent hashcat releases. (For example, the flaw in 1Password's password manager hashing scheme.)[1]

Variants[edit]

Previously, hashcat used to come in two main variants:

  • hashcat - A CPU-based password recovery tool
  • oclHashcat/cudaHashcat - A GPU-accelerated tool (OpenCL or CUDA)

With the release of hashcat v3.00, the GPU and CPU tools were merged into a single tool called hashcat. The CPU-only version became hashcat-legacy. [2] Both CPU and GPU now require OpenCL.

Many of the algorithms supported by hashcat-legacy (such as MD5, SHA1, and others) can be cracked in a shorter time using well-documented GPU acceleration[3] leveraged in GPU-based hashcat. However, not all algorithms can be accelerated by leveraging GPUs. Bcrypt is a good example of this. Due to factors such as data-dependent branching, serialization, and memory (to name just a few), oclHashcat/cudaHashcat weren't catchall replacements for hashcat-legacy.

hashcat-legacy is available for Linux, OSX and Windows. hashcat is available for macOS, Windows, and Linux with GPU, CPU and generic OpenCL support which allows for FPGAs and other accelerator cards.

Sample output[edit]

$ hashcat -d 2 -a 0 -m 400 -O -w 4 example400.hash example.dict

hashcat (v5.1.0) starting...

OpenCL Platform #1: Intel(R) Corporation
========================================
* Device #1: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz, skipped.

OpenCL Platform #2: NVIDIA Corporation
======================================
* Device #2: GeForce GTX 970, 1010/4041 MB allocatable, 13MCU
* Device #3: GeForce GTX 750 Ti, skipped.

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Rules: 1

Applicable optimizers:
* Optimized-Kernel
* Zero-Byte
* Single-Hash
* Single-Salt

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 55

Watchdog: Temperature abort trigger set to 90c

Dictionary cache hit:
* Filename..: example.dict
* Passwords.: 128416
* Bytes.....: 1069601
* Keyspace..: 128416

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.  

$H$9y5boZ2wsUlgl2tI6b5PrRoADzYfXD1:hash234       
                                                 
Session..........: hashcat
Status...........: Cracked
Hash.Type........: phpass, WordPress (MD5), phpBB3 (MD5), Joomla (MD5)
Hash.Target......: $H$9y5boZ2wsUlgl2tI6b5PrRoADzYfXD1
Time.Started.....: Thu Apr 25 05:10:35 2019 (0 secs)
Time.Estimated...: Thu Apr 25 05:10:35 2019 (0 secs)
Guess.Base.......: File (example.dict)
Guess.Queue......: 1/1 (100.00%)
Speed.#2.........:  2654.9 kH/s (22.24ms) @ Accel:128 Loops:1024 Thr:1024 Vec:1
Recovered........: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.........: 128416/128416 (100.00%)
Rejected.........: 0/128416 (0.00%)
Restore.Point....: 0/128416 (0.00%)
Restore.Sub.#2...: Salt:0 Amplifier:0-1 Iteration:1024-2048
Candidates.#2....: 0 -> zzzzzzzzzzz
Hardware.Mon.#2..: Temp: 44c Fan: 40% Util: 50% Core:1265MHz Mem:3004MHz Bus:8

Started: Thu Apr 25 05:10:32 2019
Stopped: Thu Apr 25 05:10:37 2019

Attack types[edit]

Hashcat offers multiple attack modes for obtaining effective and complex coverage over a hash's keyspace. These modes are:

The traditional bruteforce attack is considered outdated, and the Hashcat core team recommends the Mask-Attack as a full replacement.

Competitions[edit]

Team Hashcat (the official team of the Hashcat software composed of core Hashcat members) won first place in the KoreLogic "Crack Me If you Can" Competitions at DefCon in 2010, 2012, 2014, and 2015, and at DerbyCon in 2017.[12]

See also[edit]

References[edit]

  1. ^ "On hashcat and strong Master Passwords as your best protection". Passwords. Agile Bits. 16 April 2013.
  2. ^ "hashcat v3.00". Hashcat. Hashcat project. 29 June 2016.
  3. ^ "Recent Developments in Password Cracking". Passwords. Bruce Schneier. 19 September 2012.
  4. ^ https://hashcat.net/wiki/doku.php?id=hashcat#supported_attack_modes
  5. ^ https://hashcat.net/wiki/doku.php?id=hashcat#supported_attack_modes
  6. ^ https://hashcat.net/wiki/doku.php?id=hashcat#supported_attack_modes
  7. ^ https://hashcat.net/wiki/doku.php?id=hashcat#supported_attack_modes
  8. ^ https://hashcat.net/wiki/doku.php?id=hashcat#supported_attack_modes
  9. ^ https://hashcat.net/wiki/doku.php?id=hashcat#supported_attack_modes
  10. ^ https://hashcat.net/wiki/doku.php?id=hashcat#supported_attack_modes
  11. ^ "PRINCE: modern password guessing algorithm" (PDF). Hashcat site. Hashcat. 8 December 2014.
  12. ^ "Crack Me If You Can 2014 Contest". KoreLogic Security.

External links[edit]

  • Official website Edit this at Wikidata
  • [1] source code repositories
  • [2] A guide to password cracking with Hashcat
  • [3] Measuring Real-World Accuracies and Biases in Modeling Password Guessability
  • [4] Confessions of a crypto cluster operator
  • [5] Hashcat state of the union
  • [6] DEFCON 2010, "Crack Me If you Can": Writeup Team Hashcat
  • [7] DEFCON 2011, "Crack Me If you Can": Writeup Team Hashcat
  • [8] DEFCON 2014, "Crack Me If you Can": Writeup Team Hashcat
  • [9] DEFCON 2015, "Crack Me If you Can": Writeup Team Hashcat
  • Goodin, Dan (27 August 2013). "thereisnofatebutwhatwemake - Turbo Charged Cracking Comes to Long Passwords". ars technica.