Password Cracking. pt 1 – using ‘Hashcat’ (step-by-step guide)


How to crack passwords using Hashcat ?

In this part of Password Cracking Series, I’ll show you built in tool in kali linux for password cracking, i.e. Hashcat.

note : If you face problem during this lab, then at the bottom of step-by-step guide, you will find Video Tutorial (walk-through) of this lab. You can refer that video too.

Let’s get started.

Start kali and open Hashcat.

> go to application and password attacks (offline) and then click hashcat. As shown in image below.

1 locate.JPG

In top of screen you will see usage. Note that carefully. As shown in image below.

2 usage.JPG

Before cracking, we need to what kind of hashing the system is using. type as shown in fig below.

more /etc/login.defs

3 know.JPG

Now, notice in between 80-90%, kali is using sha512 encryption. Refer img below.

4 enc type.JPG

Now, copy that hash to separate file. Refer img below.

cp /etc/shadow copiedhash.lst

5 copy hash.JPG

Make sure of it. Refer 2 images below.

more copiedhash.lst

6 make sure.JPG

6a making sure.JPG

Now, open copiedhash.lst in your editor. I used leafpad. And remove username, in my case it is ‘root’ (notice in above image) and also remove following colon. Then go to last of that line and remove all colon. And image below shows you what we got after that.

7 deleting.JPG

Finally, lets start cracking password of that hash. Type following or refer img.

hashcat -m 1800 -a 0 -o cracked.txt –remove copiedhash.lst /usr/share/sqlmap/txt/wordlist.txt

*note : in image you saw ‘hash.lst’ but in command you saw ‘copiedhash.lst’ . Do not worry, just replace this with what you’ve assigned.

8 cracking.JPG

9 final.JPG

10 toor.JPG Video Tutorial >

By : Bijay Acharya (Follow twitter : @acharya_bijay)

crack password using hashcat, hashcat tutorial, how to crack password, kali linux hashcat password crack, step by step guide on password cracking hashcat