Posts: 3
Threads: 1
Joined: Jan 2024
Posts: 3
Threads: 1
Joined: Jan 2024
Out of 116 visits, is there not a single sympathetic person to advise me? Can you give me a clue why am I not getting the result? Did I make a mistake in typing the command in the terminal screen? How do I train the software or make it search indefinitely? The search stops after one minute.
Posts: 3
Threads: 1
Joined: Jan 2024
01-16-2024, 09:01 AM
(This post was last modified: 01-16-2024, 09:03 AM by aqw.)
you must find it funny that I took the K ali version just for that, not really knowing how to make hashcat work already
I don't know Linux at all and I took this distribution because it already included the tools. I did not succeed under w11
Posts: 119
Threads: 1
Joined: Apr 2022
(01-15-2024, 09:40 PM)aqw Wrote: Hi,
I am trying to recover a password for the first time. How would you solve this as I am not getting the result?
I have tried with Hashcat and John the Ripper.
How can I obtain a very comprehensive john.lst or nmap.lst list, or how can I make the software try all possibilities indefinitely?
Thank.
Wordlists can be found in many places or you can create your own if you have any clues to what the password could be. Just make a google search.
Many wordlists are found at fx weakpass.com and hashmob.net.
You can also brute force, but the hash rate on mode 9600 is quite low.... But if you need to, use -a3 for brute force and -i for increment. Have a look at hashcat wiki.
Oh, and using a VM to run hash cracking on is not recommended.
Posts: 890
Threads: 15
Joined: Sep 2017
first your password list is very small, 5000 passwords are a very tiny list
just take a look here,
https://github.com/danielmiessler/SecLis.../Passwords
there are many other lists you can try but this will also not guarantee, that your searched password is in there
to generate more password candidates see the wiki about rules (there are some rulesets already preshipped with hashcat, that will lead to more inpuut even with small lists (use the dive rulset for example)
last option would be bruteforce, but with just 3000 hashes per second is it not worth trying, except you have real good infos about the pass like lenght or passwordstyle