If you are running a GUI and double-click on the hashcat executable, it may briefly flash a command window (older hashcat versions), or may list a brief summary of its command-line options with a “Press any key to exit” prompt.
The hashcat suite is a CLI (Command Line Interface) application.
Learn how to use your operating system. 😉
Command-line utilities like hashcat do not have a GUI (though third parties do make them). You must open a command window / terminal in the same directory as hashcat, and type “hashcat” (or hashcat.bin, or hashcat.exe, etc.) to run it.
Potentially useful Google searches:
You should also review the rest of the hashcat FAQ.
NOTE: You cannot use hashcat to recover online accounts (Google, Facebook, Instagram, Twitter, etc.) - even if you have permission from the account owner.
Once you understand how to open a command window, you can't just run hashcat with no other information. You must also supply hashcat with all of the the additional parameters necessary to know what hashes to attack, what kind of attack to make, etc.
Some examples are shown in the bottom of the output of hashcat --help:
Attack- | Hash- | Mode | Type | Example command ==================+=======+================================================================== Wordlist | $P$ | hashcat -a 0 -m 400 example400.hash example.dict Wordlist + Rules | MD5 | hashcat -a 0 -m 0 example0.hash example.dict -r rules/best64.rule Brute-Force | MD5 | hashcat -a 3 -m 0 example0.hash ?a?a?a?a?a?a Combinator | MD5 | hashcat -a 1 -m 0 example0.hash example.dict example.dict Association | $1$ | hashcat -a 9 -m 500 example500.hash 1word.dict -r rules/best64.rule
And since all of the files used in these examples are included in the hashcat distribution, so you should be able to try them as shown.
* No matter what parameters you're using, hashcat always expects the first non-flag parameter to be your target hash (either directly, or in a file) - and if needed, the second non-flag parameter to be your attack's primary input (a wordlist, a mask, a list of masks, etc.). All other flags can be in any order.
So these commands are all equivalent and valid (though many users tend to order them as shown in the first one):
hashcat -a 0 -m 0 example0.hash example.dict -r rules/best64.rule hashcat -a 0 -m 0 example0.hash -r rules/best64.rule example.dict hashcat -m 0 -a 0 example0.hash -r rules/best64.rule example.dict hashcat example0.hash -r rules/best64.rule example.dict -m 0 -a 0 hashcat example0.hash -a 0 -m 0 example.dict -r rules/best64.rule hashcat example0.hash -a 0 -m 0 -r rules/best64.rule example.dict hashcat example0.hash example.dict -a 0 -m 0 -r rules/best64.rule hashcat -a 0 -m 0 -r rules/best64.rule example0.hash example.dict hashcat -r rules/best64.rule -a 0 -m 0 example0.hash example.dict
* If you are specifying a single hash directly on the command line (not in a file), and your hash has any characters in it that are treated specially by your command shell (such as “$”), either surround your hash with single quotes, or put your hash in a file instead.
* If you're not sure what hash type you have, recent/modern hashcat (version 6.2.2 or later) will try to guess (or at least narrow it down for you). To use this auto-detection, omit the -m [mode-number] parameter. If only one known hash type matches, the attack will automatically proceed. Otherwise, hashcat will show you a list of potential matches, which you will have to choose, and then include with -m [mode-number].
* For best results on Windows, run hashcat directly in its own folder (instead of running it with an absolute path from another folder). The latter is not currently supported, as a trade-off for handling special cases of file and directory naming on Windows.