MD5 Help - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: MD5 Help (/thread-7180.html) Pages:
1
2
|
MD5 Help - Ark223 - 01-08-2018 Hello. I'm a totally novice at this cracking program. I'd like to brute-force the following hash with salt: Hash: <32-character> Salt: <8-character> Could you write me a right command that would decrypt it? RE: MD5 Help - Flomac - 01-08-2018 Please do not post plain hashes in the forum! Despite that, the command depends on how you want to crack the hash (wordlist, brute-force, markov) etc. RE: MD5 Help - Ark223 - 01-08-2018 Edited and sorry for that. I just need a command to crack it by myself. Could you write it? RE: MD5 Help - Flomac - 01-09-2018 Sure. But not without the information - how long that password is or might be - what combinations of characters it contains (numbers, letters, symbols) - how you are planning to crack it (brute-force, wordlist etc.) Any variantion can make the difference between hours or centuries in cracking time. RE: MD5 Help - Ark223 - 01-09-2018 Password should contain: - length: min. 3, max. 12 - combination: numbers, small and big letters - nothing else - method: brute-force RE: MD5 Help - Flomac - 01-09-2018 hashcat -m 10 -w 4 -a 3 -1 ?l?u?d --force --increment-min 3 --increment-max 12 [your_hash:your_salt] ?1?1?1?1?1?1?1?1?1?1?1?1 But it will take a few hundred years, depending on your hardware. If the password is not completely random, a dictionary attack might make more sense. RE: MD5 Help - DanielG - 01-09-2018 Hi, you would probably already be cracking if you followed the information on the wiki. Here you can follow the steps needed to crack your hash: https://hashcat.net/wiki/doku.php?id=hashcat#options This page has the basic usage: Code: Usage: hashcat [options]... hash|hashfile|hccapxfile [dictionary|mask|directory]... First is what you want to crack. Code: -m, --hash-type | Hash-type As you stated, you are cracking an MD5 hash with salt, the reference states this as Code: # | Name | Category So first part of your command line is either -m 10 or -m 20 depending if you hash comes first or last. next is how you want crack (attack) Code: -a, --attack-mode | Attack-mode this is shown as 3 for brute force. So the second part of your command line is -a 3. The brute force mode needs to know what it will brute force, also called the Charset. In the options this is shown: Code: ? | Charset There is no charset with exactly what you want (well there is, but this gives you more info and flexibility if you want to change things). You need a combination of the l, u and d. This is possible using a custom charset or mask. Code: -1, --custom-charset1 | User-defined charset ?1 So the third part of your command line is -1 ?l?u?d. Now usually you brute force a single length, but you want multiple lengths (min. 3, max. 12). This is also documented. Code: -i, --increment | | Enable mask increment mode | The fourth part of your command line is -i --increment-min 3 --increment-max 12. Now we can combine this, I would recommend to put your hash in a hashfile. Be sure to put the hash in the correct format as described on https://hashcat.net/wiki/doku.php?id=example_hashes (modes 10 and 20 use hex_hash:plain_salt). hashcat -m 10 -a 3 -1 ?l?u?d -i --increment-min 3 --increment-max 12 hashfile.txt ?1?1?1?1?1?1?1?1?1?1?1?1 Be sure to read more on the wiki on tweaking your settings, other attack types and for any other questions you have. RE: MD5 Help - Ark223 - 01-10-2018 Thank you for your answers! The last question is, what does the parameter "?1?1?1?1?1?1?1?1?1?1?1?1" depends on? RE: MD5 Help - slyexe - 01-11-2018 (01-10-2018, 07:16 PM)Ark223 Wrote: Thank you for your answers! The last question is, what does the parameter "?1?1?1?1?1?1?1?1?1?1?1?1" depends on? You can create custom character sets. In this case you create the custom set by using -1 and appending the character set so -1 ?l?u?d sets ?1 to do all lower case, upper case and digits as your character set. So a 2nd example would be say I wanted digits and special characters, you can create a second custom character set by creating -2. so adding the parameter -2 ?d?s would allow you to use ?2 as a shortcut. so doing ?1?2?1?d would cycle through lower, upper and digits for 1's and 2's would run through digits and special characters. 3rd example could relate to targeting specific characters. so lets say we know it includes AbC135 as the first character in our password. so you could create -3 AbC135 and add it to the password with ?3 in the first position. so ?3?2?2?2?1?1?d?s?u etc can all be used. RE: MD5 Help - DanielG - 01-11-2018 ?1 is indeed how you access the custom charset mentioned. In the example I put 12 "?1" combinations because that is your max length for your password. This makes it easy if you decide to try something as '12 chars but first must be only number' then you can change it to ?d?1?1?1?1?1?1?1?1?1?1?1 |