Hashcat help with email combining to password.
#1
When I want to mass crack hashes and I obtain all the passwords, how do I get them to the correct email without having to search through all of the hashes and combine them manually. Say I just cracked 1000+ hash passwords, how would I combine them to their correct emails?
Reply
#2
if you have a list of email:hash you can use --show with --username combined:

Code:
hashcat -m 99999 --show --username user_hash.txt
user1:passwd1:passwd1
user2:passwd2:passwd2
user3:passwd3:passwd3
user4:passwd4:passwd4
user5:passwd5:passwd5
user6:passwd6:passwd6
user7:passwd7:passwd7
user8:passwd8:passwd8
user9:passwd9:passwd9
user10:passwd10:passwd10

(just for demonstration purposes this is mode 99999 where hash = password)
Reply
#3
Whenever i put --show into it, it's doesn't work. with --username it's fine but --show messes up my code, there's a long list of passwords that just say "changeme"
Reply
#4
short answer: --show should never be used while you are cracking (it's used afterwards, when already cracked)

see: https://hashcat.net/faq#how_can_i_show_p...ilpassword

btw: you always need to set -m to the correct hash type... just have a look at the --help output of hashcat

first crack (with dictionary -a 0, or mask -a 3 etc), then after cracking use --show without any dictionary, without any mask etc
Reply
#5
Hey, I am having some problem cracking an email password. I have multiple questions 
1. What should my worksheet be like
2. What are the commands that should I use
Reply
#6
@Oubiserine

you will need some type of hash to begin with, "online" guessing is not supported

so for a first start go to any website providing a hashgenerator for a given input

like md5 of test is 098f6bcd4621d373cade4e832627b4f6

hashcat -a3 -m0 --increment 098f6bcd4621d373cade4e832627b4f6 ?l?l?l?l?l?l

this will start hashcat in
-a3 bruteforemode
-m0 hashmode is md5
--increment increment mode for mask, begin with length one until reaching maxlenght of the given mask
?l?l?l?l?l?l mask of lenght 6 just lower chars
Reply
#7
(06-01-2022, 02:08 PM)Snoopy Wrote: @Oubiserine

you will need some type of hash to begin with, "online" guessing is not supported

so for a first start go to any website providing a hashgenerator for a given input

like md5 of test is 098f6bcd4621d373cade4e832627b4f6

hashcat -a3 -m0 --increment 098f6bcd4621d373cade4e832627b4f6 ?l?l?l?l?l?l

this will start hashcat in
-a3 bruteforemode
-m0 hashmode is md5
--increment increment mode for mask, begin with length one until reaching maxlenght of the given mask
?l?l?l?l?l?l mask of lenght 6 just lower chars
 Okay buy what should I type to get a specific hash for the email?
Reply
#8
(06-01-2022, 02:41 PM)Oubiserine Wrote:  Okay buy what should I type to get a specific hash for the email?



Hashcat does not attack online targets. You must already possess the hash.
Reply
#9
(06-01-2022, 02:48 PM)pdo Wrote:
(06-01-2022, 02:41 PM)Oubiserine Wrote:  Okay buy what should I type to get a specific hash for the email?



Hashcat does not attack online targets. You must already possess the hash.
Sorry for asking several questions, i am still a noob. If I want to crack an email password. Hash = email or password?
Reply
#10
(06-01-2022, 03:09 PM)Oubiserine Wrote:
(06-01-2022, 02:48 PM)pdo Wrote:
(06-01-2022, 02:41 PM)Oubiserine Wrote:  Okay buy what should I type to get a specific hash for the email?

Hashcat does not attack online targets. You must already possess the hash.
Sorry for asking several questions, i am still a noob. If I want to crack an email password. Hash = email or password?

you cant "crack" an emailpassword when you dont know the passwordhash

mostly passwordhashes are obtained from so called breaches, when some "hackers" are able to get access to lets say the database from any website/forum whatsoever

then they can see lets say username:passwordhash directly in the database and then they could be able to crack it

no database no passwordhash no cracking

when you try to login into a webseite, your given password is hashed inside your browser (mostly), send to the webseite and simple compared to the stored hash in the database, equal okay login sucsessful, but the website will never "tell" you the stored hash inside the database by default (thats the reason why you will need the hash from some breach)
Reply