No idea how to succeed cracking hashes
#1
Greetings!
I'm new here, but I've used hashcat before.

My problem, which is giving me a huge headache, is that I can't successfully crack anything!
I'm here to ask for help and advice.

So far, my use of hashcat has been with wordlists, straight attacks, but as you can imagine, I found nothing.
I would love to crack some hashes, but I don't know how to move. Can you please help me by telling me how you do it?

For example, how can you crack an MD5? I am 100% sure you use a rule or something like that, but I have no idea. Also, my wordlists are big (>5Gb), so I think they are pretty useless if I'm not sure the password is inside that file.

Another example, how to crack a WPA2? Usually, I search for the router name, find some passwords and make a mask on that. But what if that has been changed? How can I crack it?

Hope you can help me, because I'm lost.
#2
First off, no one knows if the password they are looking for is in the wordlist they're using.  That's why you have numerous wordlists and keep trying.  That failing, use wordlists with rules.  There are numerous examples of using rules in the wiki and FAQ.

Perhaps you should try to crack some of the example hashes listed on the "example hashes" link about halfway down the wiki page. All passwords are [ hashcat ] (without the brackets) with exceptions noted.
Also on the wiki page there are numerous references to using each of the attack modes. Follow the examples and adapt to each new situation.  The FAQ has a plethora of information on using hashcat.  It's a good read with examples and answers many questions.

READ, READ, READ. Then READ some more and PRACTICE, PRACTICE, PRACTICE.
Good luck.

#3
(10-19-2017, 02:16 PM)forkbomb Wrote: Also, my wordlists are big (>5Gb), so I think they are pretty useless if I'm not sure the password is inside that file.

That's not a wordlist, that's a piece of junk. I call these "lucklists" ;)

You need much smaller wordlists with unique AND useful "words" in them. Producing candidates with rules, masks and so on is the much better way.

Bad wordlists look like this:

summer23
summer25
summer26
summer41

...

Problem is: What if the password contains summer29? It's not in the wordlist and will not be found.

A rule that combines words like summer with the numbers 0-99 is much more effective, in terms of results and speed.

Many people use the famous Rockyou.txt as a wordlist and that is a good start. At ~135MB it is quite handy.
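
The comparison made in the post above, as an added example that is not part of the original thread: a small Python emulation of two hashcat rule functions (`:` pass-through and `$X` append) showing that one base word plus 110 digit-append rules covers `summer29`, while the enumerated list does not. The function names and sample data are constructed for illustration; the rule set also emits the two-digit forms 00-09.

```python
# Added illustration: emulates only two hashcat rule functions,
# ':' (pass the word through unchanged) and '$X' (append character X).
from itertools import product

def digit_append_rules(max_digits=2):
    """Rule lines that append every digit string of length 1..max_digits."""
    rules = []
    for n in range(1, max_digits + 1):
        for digits in product("0123456789", repeat=n):
            rules.append(" ".join("$" + d for d in digits))
    return rules

def apply_rule(word, rule):
    """Apply one rule line made of ':' and '$X' functions to a word."""
    out = word
    for func in rule.split():
        if func == ":":
            continue
        if len(func) == 2 and func[0] == "$":
            out += func[1]
        else:
            raise ValueError(f"unsupported rule function: {func!r}")
    return out

def candidates(words, rules):
    """Every distinct candidate produced by applying each rule to each word."""
    return {apply_rule(w, r) for w in words for r in rules}

# Constructed sample data mirroring the post.
STATIC_LIST = ["summer23", "summer25", "summer26", "summer41"]
BASE_WORDS = ["summer"]
RULES = digit_append_rules(2)  # "$0" .. "$9", then "$0 $0" .. "$9 $9"

def coverage(target):
    """Is the target present in the static list / in the word+rules keyspace?"""
    return {
        "static_list": target in STATIC_LIST,
        "word_plus_rules": target in candidates(BASE_WORDS, RULES),
    }

if __name__ == "__main__":
    print(len(RULES), "rules, e.g.", RULES[:2], RULES[10:12])
    print(len(candidates(BASE_WORDS, RULES)), "candidates from", len(BASE_WORDS), "word")
    print("summer29:", coverage("summer29"))
```

Writing `RULES` one per line to a file gives a rule file in the same syntax; the same keyspace view is useful in a password audit, since any password of the form common word plus one or two digits falls inside a few hundred guesses per base word.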
#4
Do you have an effective, simple way of downsizing wordlists of these sizes? I think the process is called "stemming" or something - don't have much time to research into it at the moment.
#5
(10-20-2017, 12:05 PM)Flomac Wrote: That's not a wordlist, that's a piece of junk. I call these "lucklists" ;)

You need much smaller wordlists with unique AND useful "words" in them. Producing candidates with rules, masks and so on is the much better way.

Bad wordlists look like this:

summer23
summer25
summer26
summer41

...

Problem is: What if the password contains summer29? It's not in the wordlist and will not be found.

A rule that combines words like summer with the numbers 0-99 is much more effective, in terms of results and speed.

Many people use the famous Rockyou.txt as a wordlist and that is a good start. At ~135MB it is quite handy.

Thank you all for the help!
As I imagined, it's not simple at all. I just see many ppl finding lots of hashes in a single search and I thought it would be easy.
Do you have any suggestions on how to make an effective rule?
(10-21-2017, 05:40 PM)DDNK Wrote: Do you have an effective, simple, way of downsizing wordlists of these sizes? I think the process is called "stemming" or something - don't have much time to research into it at the moment.

I'm interested too. Thanks for highlighting this, hope someone can help.
#6
(10-21-2017, 05:40 PM)DDNK Wrote: Do you have an effective, simple, way of downsizing wordlists of these sizes? I think the process is called "stemming" or something - don't have much time to research into it at the moment.

I don't. Too much depends on what you want to crack. I personally use totals from Wikipedia and remove all the non-Latin-letter words. It gives me a wide variety of words that can be combined with various masks etc.
#7

About the WPA2 part, it is considered a "strong" hash, meaning that it will result in slow cracking speed even on high-end equipment, so brute forcing is pretty much out of the question, considering the fact that it also requires passwords to be at least 8 characters long.
Best result would be achieved by using a good combination of dictionary and rules as mentioned above.

Also, you seem to forget that hashcat isn't a guarantee for 100% success, just a tool, which can be successful at times. There is always a chance that your target password is 12+ in length and made entirely of random characters by a password manager, meaning you will never be able to crack it in thousands of years, even if a weak hash algorithm (i.e. MD5) is used.
So asking something like "how can you crack an MD5?" seems a bit sloppy and out of context to me. You should read the wiki first!
#8
Note that most default WPA passwords are based on known key generations, which makes them perfectly brute-forceable on a single GPU, and 90% of the users don't change them.