+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: a very essential basic question! (/thread-5934.html)
a very essential basic question! - Farshad68 - 10-07-2016
Hi
Since a week I’ve been reading articles and watched some videos about password “recovery” by cracking the hashes and I have a question which might sound silly! When the hashes are cracked we have the real letters and numbers so the real password. Just imagine the result of cracking a hash is Kim1234. How do we know for which url/website this password is? How do we know that’s the username so that we combine it with this cracked password?
PS; I know I'm not supposed to post a ticket without reading wiki and searching the forum etc. I did all of that and still no answer to my question.
Thanks for any help.
RE: a very essential basic question! - atom - 10-07-2016
If you have a password hash you must have it from some kind of database. That database has the username linked to the hash. It's just not important for hashcat to know.
RE: a very essential basic question! - Farshad68 - 10-07-2016
Thanks for ur kind and fast reply Atom. It will be my last question here I promise :-)
So.... just "imagine" someone is interested cracking password of a user he should first obtain those data/hashes from the website he wants to get acces to, right? Like some kind of acces to;
- %systemroot%\system32\config
- %systemroot%\repair (but only if rdisk has been run)
- In the registry under HKEY_LOCAL_MACHINE\SAM
RE: a very essential basic question! - Xanadrel - 10-07-2016
Obviously closing this.
This is not related to hashcat.
You don't ask this kind of things.