a very essential basic question!

[Farshad68]

Hi

Since a week I’ve been reading articles and watched some videos about password “recovery” by cracking the hashes and I have a question which might sound silly! When the hashes are cracked we have the real letters and numbers so the real password. Just imagine the result of cracking a hash is Kim1234. How do we know for which url/website this password is? How do we know that’s the username so that we combine it with this cracked password? 

PS; I know I'm not supposed to post a ticket without reading wiki and searching the forum etc. I did all of that and still no answer to my question.

Thanks for any help.

[atom]

If you have a password hash you must have it from some kind of database. That database has the username linked to the hash. It's just not important for hashcat to know.

[Farshad68]

Thanks for ur kind and fast reply Atom. It will be my last question here I promise :-)
So.... just "imagine" someone is interested cracking password of a user he should first obtain those data/hashes from the website he wants to get acces to, right? Like some kind of acces to;

- %systemroot%\system32\config
- %systemroot%\repair (but only if rdisk has been run)
- In the registry under HKEY_LOCAL_MACHINE\SAM

[Xanadrel]

Obviously closing this.
This is not related to hashcat.
You don't ask this kind of things.