I ran hashcat with a bunch of *.16800 hash files, what is best way to see results? - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: I ran hashcat with a bunch of *.16800 hash files, what is best way to see results? (/thread-9428.html) |
I ran hashcat with a bunch of *.16800 hash files, what is best way to see results? - Time2P8nic - 07-30-2020 So i see that there are results in the potfile, but don't see an obvious to me way to get output of the SSID:<password>. I see the outfile-format, but it seems I can only choose a format that has the SSID, and one that has the password, but not at the same time. Is there a good way to view these? Thanks. RE: I ran hashcat with a bunch of *.16800 hash files, what is best way to see results? - Mem5 - 07-31-2020 - Use -o results.txt to write results to this file. - Now, you can use --show to print the already cracked passwords. - printing contents like "cat hashcat.potfile" can also do the job Finally, --help is also a great place RE: I ran hashcat with a bunch of *.16800 hash files, what is best way to see results? - philsmd - 07-31-2020 the ESSID (network name) will be in hexadecimal format (hex encoded), you would need to hex decode the last field (before the password). RE: I ran hashcat with a bunch of *.16800 hash files, what is best way to see results? - Time2P8nic - 08-01-2020 (07-31-2020, 04:23 PM)philsmd Wrote: the ESSID (network name) will be in hexadecimal format (hex encoded), you would need to hex decode the last field (before the password). You mean the first part of potfile line, is the ESSID hex encoded? Know of command line to convert to regular text? RE: I ran hashcat with a bunch of *.16800 hash files, what is best way to see results? - philsmd - 08-02-2020 if we have a hash like this (masked with XXX, see https://hashcat.net/forum/announcement-2.html): Code: 45XXXX330c4570de8b0846b48fXXXX15:b34XXXX1b316:3f416fe0XXXX:68617368636174 for which the password is "hashcat!" without quotes (and an exclamation mark at the end) and a potfile entry like this: Code: b36XXXX063b4db0f63669fdc744702dd852462d8eab074ef9fc568886aXXXXb8*68617368636174:hashcat! we see that 68617368636174 is the last field before the password ("hashcat!" is the password) and if we decode the hexadecimal ESSID we get this: Code: hashcat in linux we would use Code: $ echo -n 68617368636174 | xxd -r -p perl: Code: $ perl -e 'print pack ("H*", "68617368636174") . "\n";' python: Code: $ python -c 'import binascii; print binascii.unhexlify ("68617368636174");' php: Code: $ php -r 'print hex2bin ("68617368636174") . "\n";' |