06-26-2018, 12:55 AM
(This post was last modified: 06-26-2018, 01:00 AM by vigilantbag.)
According to [https://hashes.org/leaks.php?id=556], weheartit.com's hash algorithm is MD5. There is already a huge list of cracked hashes on there if you are looking for relatively old and possibly no longer working passwords. If however, you have a fresh and untold database of hashes, you can enter them manually into [http://md5decrypt.net/en/] or try these two commands below. There are multiple forms of MD5 Hashcat can manage, but the list on hashes.org seem to only contain straight MD5 (bad idea if you ask me); However, there may be a different setup than what hashes.org is telling me, so refer to [https://hashcat.net/wiki/doku.php?id=example_hashes] for the full list of available hashes for your -m [hash type] flag. Considering that weheartit.com allows users to register using third party login authorization, you may not be able to get the accounts of all users on the site. Only the dumb ones .
----------------------------------------------------------
Mask Attack: hashcat -a 3 -m 0 -i --increment-min=1 --increment-max=12 hash.txt [Mask char set] -o cracked.txt --outfile-format=2
Wordlist/Dictionary/Straight/pls choose one word for this attack: hashcat -a 1 -m 0 hash.txt wordlist.txt -o cracked.txt --outfile-format=2
----------------------------------------------------------
----------------------------------------------------------
Mask Attack: hashcat -a 3 -m 0 -i --increment-min=1 --increment-max=12 hash.txt [Mask char set] -o cracked.txt --outfile-format=2
Wordlist/Dictionary/Straight/pls choose one word for this attack: hashcat -a 1 -m 0 hash.txt wordlist.txt -o cracked.txt --outfile-format=2
----------------------------------------------------------