Hashcat help with email combining to password.
#11
(06-01-2022, 03:20 PM)Snoopy Wrote:
(06-01-2022, 03:09 PM)Oubiserine Wrote:
(06-01-2022, 02:48 PM)pdo Wrote:
(06-01-2022, 02:41 PM)Oubiserine Wrote:  Okay buy what should I type to get a specific hash for the email?

Hashcat does not attack online targets. You must already possess the hash.
Sorry for asking several questions, i am still a noob. If I want to crack an email password. Hash = email or password?

you cant "crack" an emailpassword when you dont know the passwordhash

mostly passwordhashes are obtained from so called breaches, when some "hackers" are able to get access to lets say the database from any website/forum whatsoever

then they can see lets say username:passwordhash directly in the database and then they could be able to crack it

no database no passwordhash no cracking

when you try to login into a webseite, your given password is hashed inside your browser (mostly), send to the webseite and simple compared to the stored hash in the database, equal okay login sucsessful, but the website will never "tell" you the stored hash inside the database by default (thats the reason why you will need the hash from some breach)
So I need to get the data base of the email by using breaches so I can get the passwordhash and then I can get the password?
Reply
#12
(06-01-2022, 04:11 PM)Oubiserine Wrote: So I need to get the data base of the email by using breaches so I can get the passwordhash and then I can get the password?

more or less yes

but it would be very very very unlikely to get a database dump from any of the great email providers

most* breaches are old websites, forums and little shops, then you could get email:pwhash, crack the hash and try wether the password is also used to login into the email itself (most humans are lazy and use their passwords more than once) or not

*of cource there where some really big breaches too
Reply
#13
(06-01-2022, 03:20 PM)Snoopy Wrote:
(06-01-2022, 03:09 PM)Oubiserine Wrote:
(06-01-2022, 02:48 PM)pdo Wrote:
(06-01-2022, 02:41 PM)Oubiserine Wrote:  Okay buy what should I type to get a specific hash for the email?

Hashcat does not attack online targets. You must already possess the hash.
Sorry for asking several questions, i am still a noob. If I want to crack an email password. Hash = email or password?

you cant "crack" an emailpassword when you dont know the passwordhash

mostly passwordhashes are obtained from so called breaches, when some "hackers" are able to get access to lets say the database from any website/forum whatsoever

then they can see lets say username:passwordhash directly in the database and then they could be able to crack it

no database no passwordhash no cracking

when you try to login into a webseite, your given password is hashed inside your browser (mostly), send to the webseite and simple compared to the stored hash in the database, equal okay login sucsessful, but the website will never "tell" you the stored hash inside the database by default (thats the reason why you will need the hash from some breach)
Hey, sorry for asking too many question 😅. Can u help getting the passwordhash?
Reply