Hashcat help with email combining to password. - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: Hashcat help with email combining to password. (/thread-9095.html) Pages:
1
2
|
Hashcat help with email combining to password. - ongroddd - 04-02-2020 When I want to mass crack hashes and I obtain all the passwords, how do I get them to the correct email without having to search through all of the hashes and combine them manually. Say I just cracked 1000+ hash passwords, how would I combine them to their correct emails? RE: Hashcat help with email combining to password. - undeath - 04-02-2020 if you have a list of email:hash you can use --show with --username combined: Code: hashcat -m 99999 --show --username user_hash.txt (just for demonstration purposes this is mode 99999 where hash = password) RE: Hashcat help with email combining to password. - ongroddd - 04-02-2020 Whenever i put --show into it, it's doesn't work. with --username it's fine but --show messes up my code, there's a long list of passwords that just say "changeme" RE: Hashcat help with email combining to password. - philsmd - 04-02-2020 short answer: --show should never be used while you are cracking (it's used afterwards, when already cracked) see: https://hashcat.net/faq#how_can_i_show_previously_cracked_passwords_and_output_them_in_a_specific_format_eg_emailpassword btw: you always need to set -m to the correct hash type... just have a look at the --help output of hashcat first crack (with dictionary -a 0, or mask -a 3 etc), then after cracking use --show without any dictionary, without any mask etc RE: Hashcat help with email combining to password. - Oubiserine - 06-01-2022 Hey, I am having some problem cracking an email password. I have multiple questions 1. What should my worksheet be like 2. What are the commands that should I use RE: Hashcat help with email combining to password. - Snoopy - 06-01-2022 @Oubiserine you will need some type of hash to begin with, "online" guessing is not supported so for a first start go to any website providing a hashgenerator for a given input like md5 of test is 098f6bcd4621d373cade4e832627b4f6 hashcat -a3 -m0 --increment 098f6bcd4621d373cade4e832627b4f6 ?l?l?l?l?l?l this will start hashcat in -a3 bruteforemode -m0 hashmode is md5 --increment increment mode for mask, begin with length one until reaching maxlenght of the given mask ?l?l?l?l?l?l mask of lenght 6 just lower chars RE: Hashcat help with email combining to password. - Oubiserine - 06-01-2022 (06-01-2022, 02:08 PM)Snoopy Wrote: @OubiserineOkay buy what should I type to get a specific hash for the email? RE: Hashcat help with email combining to password. - pdo - 06-01-2022 (06-01-2022, 02:41 PM)Oubiserine Wrote: Okay buy what should I type to get a specific hash for the email? Hashcat does not attack online targets. You must already possess the hash. RE: Hashcat help with email combining to password. - Oubiserine - 06-01-2022 (06-01-2022, 02:48 PM)pdo Wrote:Sorry for asking several questions, i am still a noob. If I want to crack an email password. Hash = email or password?(06-01-2022, 02:41 PM)Oubiserine Wrote: Okay buy what should I type to get a specific hash for the email? RE: Hashcat help with email combining to password. - Snoopy - 06-01-2022 (06-01-2022, 03:09 PM)Oubiserine Wrote:(06-01-2022, 02:48 PM)pdo Wrote:Sorry for asking several questions, i am still a noob. If I want to crack an email password. Hash = email or password?(06-01-2022, 02:41 PM)Oubiserine Wrote: Okay buy what should I type to get a specific hash for the email? you cant "crack" an emailpassword when you dont know the passwordhash mostly passwordhashes are obtained from so called breaches, when some "hackers" are able to get access to lets say the database from any website/forum whatsoever then they can see lets say username:passwordhash directly in the database and then they could be able to crack it no database no passwordhash no cracking when you try to login into a webseite, your given password is hashed inside your browser (mostly), send to the webseite and simple compared to the stored hash in the database, equal okay login sucsessful, but the website will never "tell" you the stored hash inside the database by default (thats the reason why you will need the hash from some breach) |