hashcat
Crack password hashes using various methods
TLDR
Perform a brute-force attack (mode 3) with the default hashcat mask
Perform a brute-force attack (mode 3) with a known pattern of 4 digits
Perform a brute-force attack (mode 3) using at most 8 of all printable ASCII characters
Perform a dictionary attack (mode 0) using the RockYou wordlist of a Kali Linux box
Perform a rule-based dictionary attack (mode 0) using the RockYou wordlist mutated with common password variations
Perform a combination attack (mode 1) using the concatenation of words from two different custom dictionaries
Show result of an already cracked hash
Show all example hashes
SYNOPSIS
hashcat [options] [hash_file] [wordlist/mask]
PARAMETERS
-m
Specifies the hash type ID. Hashcat supports thousands of different hash types, each with a unique numeric ID.
-a
Defines the attack mode to be used. Common modes include 0 (dictionary), 1 (combinator), 3 (brute-force/mask), 6 (hybrid wordlist + mask), and 7 (hybrid mask + wordlist).
-o
Writes cracked passwords and corresponding hashes to the specified output file.
--force
Forces the use of unsupported devices, drivers, or specific situations that Hashcat might otherwise prevent.
-D
Specifies the device type to use for cracking. 1 for CPU, 2 for GPU, 3 for OpenCL, 4 for CUDA, etc.
--show
Shows cracked hashes and their corresponding plaintexts from the hashcat.potfile.
--status
Displays the cracking status regularly, showing progress, speed, and estimated time to completion.
-r
Applies rules from a specified rule file to words from a dictionary (e.g., to add numbers, symbols, or common transformations).
-i, --increment
Enables increment mode for brute-force or mask attacks, which intelligently increases the length of the password being tried.
-1, -2, -3, -4
Defines custom character sets for mask attacks. For example, '-1 ?l?d' defines set 1 as lowercase letters and digits.
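To size the search space that a mask and its custom character sets imply (the figure a password policy has to be weighed against), the following added example counts candidates for a mask, with or without increment mode. It is not code from the original page or from the hashcat project. The function names are hypothetical, and it assumes that a character repeated in a custom set counts once and that custom sets reference only built-in sets.

```python
import string

# Built-in mask charsets (?l ?u ?d ?h ?H ?s ?a ?b) as sets of characters.
BUILTIN = {
    "l": set(string.ascii_lowercase),
    "u": set(string.ascii_uppercase),
    "d": set(string.digits),
    "h": set(string.digits + "abcdef"),
    "H": set(string.digits + "ABCDEF"),
    "s": set(string.punctuation + " "),        # 33 specials, space included
    "b": {chr(i) for i in range(256)},         # every byte value
}
BUILTIN["a"] = BUILTIN["l"] | BUILTIN["u"] | BUILTIN["d"] | BUILTIN["s"]  # 95


def tokens(spec, custom=None):
    """Return one character set per position of a mask or charset definition."""
    known = {**BUILTIN, "?": {"?"}, **(custom or {})}   # '??' is a literal '?'
    out, i = [], 0
    while i < len(spec):
        if spec[i] != "?":
            out.append({spec[i]})                        # literal character
            i += 1
            continue
        key = spec[i + 1:i + 2]                          # empty if '?' is last
        if key not in known:
            raise ValueError(f"bad placeholder '?{key}' in {spec!r}")
        out.append(known[key])
        i += 2
    return out


def charset(definition):
    """Resolve a -1..-4 definition such as '?l?d' to the characters it covers."""
    return set().union(*tokens(definition))


def candidates(mask, custom_defs=None, increment=False):
    """Count candidates for a mask; with increment, sum every prefix length."""
    custom = {k: charset(v) for k, v in (custom_defs or {}).items()}
    total, running = 0, 1
    for position in tokens(mask, custom):
        running *= len(position)     # candidates at this exact length
        total += running             # plus all shorter prefixes
    return total if increment else running


if __name__ == "__main__":
    # Constructed sample masks, not taken from the page.
    for mask, sets, inc in [("?d?d?d?d", None, False),
                            ("?1?1?1?1?1?1", {"1": "?l?d"}, False),
                            ("?a" * 8, None, True)]:
        print(f"{mask:<18} increment={inc!s:<5} {candidates(mask, sets, inc):,}")
```

Dividing the count by the guess rate measured for the hash type in use gives the worst-case exhaustion time for passwords that fit the mask.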
DESCRIPTION
Hashcat is a highly advanced, GPU-accelerated password recovery utility known for its versatility and speed. It supports an extensive array of hashing algorithms, from common formats like MD5 and SHA1 to more complex ones such as NTLM, WPA/WPA2, and various database hashes. Designed for both auditing and security testing, Hashcat offers numerous attack modes including dictionary attacks, brute-force, combinator, hybrid, mask attacks, and rule-based transformations. Its ability to leverage the computational power of modern GPUs (via OpenCL and CUDA) makes it exceptionally efficient for cracking large sets of hashes. Hashcat is a crucial tool for cybersecurity professionals conducting penetration tests, incident response, or forensic analysis, enabling them to assess password strength and recover lost credentials. Its robust feature set and continuous development ensure it remains a leading solution in the field of password auditing.
CAVEATS
Hashcat's powerful capabilities make it a sensitive tool. It should only be used for legal and ethical purposes, such as penetration testing on systems you have explicit permission to test, or for recovering your own forgotten passwords. Misuse can lead to severe legal consequences.
Performance heavily depends on hardware (especially GPUs), hash type, and the complexity of the password. High-end GPUs are often required for efficient cracking of complex hashes.
ATTACK MODES
Hashcat supports various attack modes, each optimized for different scenarios. These include dictionary attack (0), which uses wordlists; combinator attack (1), combining two wordlists; brute-force attack (3) for trying all possible character combinations; mask attack (3, with masks), a more targeted brute-force; and hybrid attacks (6, 7) combining dictionary with mask components. Understanding the appropriate mode is crucial for efficient cracking.
HASH TYPE IDENTIFICATION
Before cracking, it's essential to identify the hash type. Hashcat offers the --hash-info and --identify options to help determine the correct -m value; otherwise the type has to be identified manually, for example with online tools like Hash-ID. The correct -m value is critical for successful cracking: specifying the wrong hash type will result in failure.
HISTORY
Hashcat's origins trace back to independent projects: oclHashcat for OpenCL-based GPU cracking and cudaHashcat for CUDA-based GPU cracking. Developed by atom, these tools quickly gained prominence for their unparalleled speed and efficiency. In 2015, these two projects were merged into a single, unified codebase under the name hashcat, providing a consistent interface and broader hardware support. This consolidation cemented its position as the premier open-source password recovery tool, continuously evolving with new features, attack modes, and supported hash algorithms. Its development remains active, driven by the community and the ever-changing landscape of password security.
SEE ALSO
john(1), crunch(1), aircrack-ng(8)