I ran hashcat with a bunch of *.16800 hash files, what is best way to see results?
#1
So i see that there are results in the potfile, but don't see an obvious to me way to get output of the SSID:<password>. I see the outfile-format, but it seems I can only choose a format that has the SSID, and one that has the password, but not at the same time. Is there a good way to view these?
Thanks.
Reply
#2
- Use -o results.txt to write results to this file.
- Now, you can use --show to print the already cracked passwords.
- printing contents like "cat hashcat.potfile" can also do the job

Finally, --help is also a great place Smile
Reply
#3
the ESSID (network name) will be in hexadecimal format (hex encoded), you would need to hex decode the last field (before the password).
Reply
#4
(07-31-2020, 04:23 PM)philsmd Wrote: the ESSID (network name) will be in hexadecimal format (hex encoded), you would need to hex decode the last field (before the password).

You mean the first part of potfile line, is the ESSID hex encoded? Know of command line to convert to regular text?
Reply
#5
if we have a hash like this (masked with XXX, see https://hashcat.net/forum/announcement-2.html):
Code:
45XXXX330c4570de8b0846b48fXXXX15:b34XXXX1b316:3f416fe0XXXX:68617368636174

for which the password is "hashcat!" without quotes (and an exclamation mark at the end)

and a potfile entry like this:
Code:
b36XXXX063b4db0f63669fdc744702dd852462d8eab074ef9fc568886aXXXXb8*68617368636174:hashcat!

we see that 68617368636174 is the last field before the password ("hashcat!" is the password) and if we decode the hexadecimal ESSID we get this:
Code:
hashcat

in linux we would use
Code:
$ echo -n 68617368636174 | xxd -r -p
hashcat

perl:
Code:
$ perl -e 'print pack ("H*", "68617368636174") . "\n";'
hashcat

python:
Code:
$ python -c 'import binascii; print binascii.unhexlify ("68617368636174");'
hashcat

php:
Code:
$ php -r 'print hex2bin ("68617368636174") . "\n";'
hashcat
Reply