How to crack passwords using Hashcat ?
In this part of Password Cracking Series, I’ll show you built in tool in kali linux for password cracking, i.e. Hashcat.
note : If you face problem during this lab, then at the bottom of step-by-step guide, you will find Video Tutorial (walk-through) of this lab. You can refer that video too.
Let’s get started.
Start kali and open Hashcat.
> go to application and password attacks (offline) and then click hashcat. As shown in image below.
In top of screen you will see usage. Note that carefully. As shown in image below.
Before cracking, we need to what kind of hashing the system is using. type as shown in fig below.
Now, notice in between 80-90%, kali is using sha512 encryption. Refer img below.
Now, copy that hash to separate file. Refer img below.
cp /etc/shadow copiedhash.lst
Make sure of it. Refer 2 images below.
Now, open copiedhash.lst in your editor. I used leafpad. And remove username, in my case it is ‘root’ (notice in above image) and also remove following colon. Then go to last of that line and remove all colon. And image below shows you what we got after that.
Finally, lets start cracking password of that hash. Type following or refer img.
hashcat -m 1800 -a 0 -o cracked.txt –remove copiedhash.lst /usr/share/sqlmap/txt/wordlist.txt
*note : in image you saw ‘hash.lst’ but in command you saw ‘copiedhash.lst’ . Do not worry, just replace this with what you’ve assigned.
Video Tutorial >
crack password using hashcat, hashcat tutorial, how to crack password, kali linux hashcat password crack, step by step guide on password cracking hashcat