hashcat
advanced password recovery

Digg Del.icio.us Reddit Facebook Stumble Upon Twitter

Navigation

Download latest version (older versions)

Name Version Signature Date
hashcat binaries v2.00 PGP 2015.12.04
hashcat sources v2.00 PGP 2015.12.04
Signing key on PGP keyservers: RSA, 2048-bit. Key ID: 2048R/8A16544F. Fingerprint: A708 3322 9D04 0B41 99CC 0052 3C17 DA8B 8A16 544F

Check out our GitHub Repository for the latest development version

Features

  • Multi-Threaded
  • Free
  • Open-Source
  • Multi-Hash (up to 24 million hashes)
  • Multi-OS (Linux, Windows and OSX native binaries)
  • Multi-Algo (MD4, MD5, SHA1, DCC, NTLM, MySQL, ...)
  • SSE2 and XOP accelerated
  • All Attack-Modes except Brute-Force and Permutation can be extended by rules
  • Very fast Rule-engine
  • Rules compatible with JTR and PasswordsPro
  • Possible to resume or limit session
  • Automatically recognizes recovered hashes from outfile at startup
  • Can automatically generate random rules
  • Load saltlist from external file and then use them in a Brute-Force Attack variant
  • Able to work in an distributed environment
  • Specify multiple wordlists or multiple directories of wordlists
  • Number of threads can be configured
  • Threads run on lowest priority
  • Supports hex-charset
  • Supports hex-salt
  • 90+ Algorithms implemented with performance in mind
  • ... and much more

Hashcat Screenshot

Hashcat screenshot

Attack-Modes

  • Straight *
  • Combination *
  • Toggle-Case
  • Brute-Force
  • Permutation
  • Table-Lookup
  • PRINCE

* accept Rules

Algorithms

  • MD5
  • md5($pass.$salt)
  • md5($salt.$pass)
  • md5(unicode($pass).$salt)
  • md5($salt.unicode($pass))
  • HMAC-MD5 (key = $pass)
  • HMAC-MD5 (key = $salt)
  • SHA1
  • sha1($pass.$salt)
  • sha1($salt.$pass)
  • sha1(unicode($pass).$salt)
  • sha1($salt.unicode($pass))
  • HMAC-SHA1 (key = $pass)
  • HMAC-SHA1 (key = $salt)
  • MySQL323
  • MySQL4.1/MySQL5
  • phpass, MD5(Wordpress), MD5(phpBB3), MD5(Joomla)
  • md5crypt, MD5(Unix), FreeBSD MD5, Cisco-IOS MD5
  • MD4
  • NTLM
  • Domain Cached Credentials (DCC), MS Cache
  • SHA256
  • sha256($pass.$salt)
  • sha256($salt.$pass)
  • sha256(unicode($pass).$salt)
  • base64(sha256(unicode($pass)))
  • sha256($salt.unicode($pass))
  • HMAC-SHA256 (key = $pass)
  • HMAC-SHA256 (key = $salt)
  • md5apr1, MD5(APR), Apache MD5
  • SHA512
  • sha512($pass.$salt)
  • sha512($salt.$pass)
  • sha512(unicode($pass).$salt)
  • sha512($salt.unicode($pass))
  • HMAC-SHA512 (key = $pass)
  • HMAC-SHA512 (key = $salt)
  • SHA-512(Unix)
  • Cisco-PIX MD5
  • Cisco-ASA MD5
  • WPA/WPA2
  • Double MD5
  • bcrypt, Blowfish(OpenBSD)
  • MD5(Sun)
  • md5(md5(md5($pass)))
  • md5(md5($salt).$pass)
  • md5($salt.md5($pass))
  • md5($pass.md5($salt))
  • md5($salt.$pass.$salt)
  • md5(md5($pass).md5($salt))
  • md5($salt.md5($salt.$pass))
  • md5($salt.md5($pass.$salt))
  • md5($username.0.$pass)
  • md5(strtoupper(md5($pass)))
  • md5(sha1($pass))
  • Double SHA1
  • sha1(sha1(sha1($pass)))
  • sha1(md5($pass))
  • MD5(Chap), iSCSI CHAP authentication
  • sha1($salt.$pass.$salt)
  • SHA-3(Keccak)
  • Half MD5
  • Password Safe SHA-256
  • IKE-PSK MD5
  • IKE-PSK SHA1
  • NetNTLMv1-VANILLA / NetNTLMv1-ESS
  • NetNTLMv2
  • Cisco-IOS SHA256
  • Android PIN
  • AIX {smd5}
  • AIX {ssha256}
  • AIX {ssha512}
  • AIX {ssha1}
  • GOST, GOST R 34.11-94
  • Fortigate (FortiOS)
  • OS X v10.8+
  • GRUB 2
  • IPMI2 RAKP HMAC-SHA1
  • sha256crypt, SHA256(Unix)
  • Drupal7
  • WBB3, Woltlab Burning Board 3
  • scrypt
  • Cisco $8$
  • Cisco $9$
  • Radmin2
  • Django (PBKDF2-SHA256)
  • Cram MD5
  • SAP CODVN H (PWDSALTEDHASH) iSSHA-1
  • PrestaShop
  • PostgreSQL Challenge-Response Authentication (MD5)
  • MySQL Challenge-Response Authentication (SHA1)
  • SIP digest authentication (MD5)
  • Plaintext
  • Joomla < 2.5.18
  • PostgreSQL
  • osCommerce, xt:Commerce
  • Skype
  • nsldap, SHA-1(Base64), Netscape LDAP SHA
  • nsldaps, SSHA-1(Base64), Netscape LDAP SSHA
  • Oracle S: Type (Oracle 11+)
  • SMF > v1.1
  • OS X v10.4, v10.5, v10.6
  • EPi
  • Django (SHA-1)
  • MSSQL(2000)
  • MSSQL(2005)
  • PeopleSoft
  • EPiServer 6.x < v4
  • hMailServer
  • EPiServer 6.x > v4
  • SSHA-512(Base64), LDAP {SSHA512}
  • OS X v10.7
  • MSSQL(2012 & 2014)
  • vBulletin < v3.8.5
  • PHPS
  • vBulletin > v3.8.5
  • IPB2+, MyBB1.2+
  • Mediawiki B type
  • WebEdition CMS
  • Redmine Project Management Web App

Tested OS

  • All Linux, Windows and OSX versions should work on both 32 and 64 bit

Performance

  • Windows 7, 64 bit
  • Phenom II X6 T1090 @ 3.8 Ghz
  • hashcat v0.40, 64 bit
Name MD5
1 hash		 NTLM
500k hashes		 phpass
1 hash
hashcat (8 threads) 86.24M c/s 71.17M c/s 49.67k c/s
hashcat (1 thread) 12.90M c/s 10.58M c/s 7.79k c/s
  • Ubuntu 12.04.2 LTS, 64 bit
  • AMD FX(tm)-8120 Eight-Core Processor
  • hashcat v0.46, XOP version
Name SHA1
1 hash		 NTLM
500k hashes		 MySQL
1k hashes
hashcat (8 threads) 73.97 MH/s 79.83 MH/s 116.47 MH/s
hashcat (1 thread) 16.66 MH/s 15.15 MH/s 19.83 MH/s

Help

A detailed description of all commandline parameters is available by using --help. Hashcat is explained in some of the videos and in the forums. If you encounter a bug, report it in the forums where fixes and beta versions are announced as well.

If you still think you need help by a real human come to #hashcat on freenode IRC.

Download older versions

This is a list of older hashcat versions, it's not always bad to grab the latest version.

Name Version md5sum Date
hashcat binaries v0.50 53a9b867b34c30b51b2f1c70477bdbd8 2015.06.05
hashcat binaries v0.49 370d4e92f0ae8b7ce696afa852e91aea 2015.01.05
hashcat binaries v0.48 620790f469e41ca8f3f6897ed958c8c0 2014.11.01