It seems like everyone wants to get on the password-cracking band-wagon these days. Hashcat is a popular tool for password recovery, and this article provides a basic introduction to using hashcat for this purpose.
First thing is first; I can't stress enough how important it is to refer to the documentation on http://hashcat.net/wiki. If you haven't read through that material yet, you may want to familiarize yourself with it quickly. There's a lot of good information there, so you may want to refer back to it from time to time when you have questions.
Secondly, Hashcat is a Command Line Interface (CLI) application. If you aren't very comfortable using the command-line, you are really going to want to brush up on that first. It's absolutely key here. Sure, there's the unofficial hashcat-gui package, but you definitely won't get any official support for it, and it's not the best way to go about cracking with Hashcat.
NOTE This article is written using the Hashcat utility, however, the same principles will also apply to oclHashcat. Unfortunately, oclHashcat (as of this writing) does not have the examples subfolder, but all of the commands should still be applicable.
On the matter of ethics...
It seems like in today's day and age, this needs to be stated, but if you are a blackhat or looking to use this kind of information for illegal/immoral purposes, look elsewhere. This information is intended to direct those on the path of information security. There are a lot of ways to learn things, but unless you have a deep understanding of the problems you are trying to protect against, there is little you can do to successfully protect from them. For that reason, I prefer the deep and dirty, hands-on approach.
On to the basics!
So why do I need to crack passwords anyway?
Hopefully, when your passwords are being stored by some sort of application or service, they are not going to be stored in plaintext for everyone to look at. (Unfortunately, this is not always the case, but for any slightly conscientious / security-minded product, this is going to be true. The rest of them deserve what they get.) "If they're not in plaintext, then how are they stored?" Well, there are two options, really.
You could encrypt the passwords and store the resulting ciphertext somewhere. However, this is generally thought to be a very bad idea! By its nature, anything that can be encrypted can be decrypted. All you need are the algorithm, and the keys. If an attacker gets a hold of this information, it's game over.
Alternatively, you could use a hashing algorithm to create a hash of the password. Unlike encryption, hashing applies a mathematical algorithm to your password that is not reversible. Once you create a hash, is theoretically impossible to get the original plaintext from it. For an attacker, this means they will need to start generating various combinations of hashes from plain-texts they choose until they eventually find the one that matches your hash.
Alright, but how do you make all of these guesses to find a matching hash?
This is where tools like Hashcat come in. You can use Hashcat to automate this guessing process and compare the results for you. There are two main flavours of Hashcat to worry about:
- Hashcat (standard CPU-based cracking software)
- oclHashcat (accelerated GPU-based cracking software)
Depending on the algorithms you are trying to attack, oclHashcat can be orders of magnitude faster to use than standard Hashcat. Operationally, however, they are pretty much the same. For the sake of learning, I will be explaining how to use the CPU version of Hashcat as it is much easier for the novice to setup and start experimenting with. Even so, this should all still be pretty applicable to oclHashcat.
Additionally, I am going to use 64-bit Linux in the examples here. Hashcat is also available for Windows and OSX, and oclHashcat is also available for Windows. If you decide to use Windows, the hashcat command switches and parameters will be the same, but you may have to use alternate shell tools if you aren't using cygwin (I won't go into that detail here.)
Let's Begin...
The latest version of Hashcat as of this writing is Hashcat 0.47. Using any modern Linux distribution, you can just download the file from the Hashcat website using the command-line:
$ wget http://hashcat.net/files/hashcat-0.47.7z
Now that you have the archive, you need to unpack it. A lot of people throw the wrong flag to 7z, so please make sure you use "x" instead of "e". Otherwise your Hashcat install may fail to work properly. For example:
$ 7za x hashcat-0.47.7z
Now you can change into the Hashcat directory and take a look at the help. It should ask you to agree to the EULA, so just type in "YES" as it asks. (As a note, I always recommend trying to examine a program's help before you start to try and use it.)
cd hashcat-0.47/
./hashcat-cli64.bin --help
Weee!! Lot's of information! :) Always remember to refer back to this when you have questions. Help should be your FIRST stop.
Since we've seen how to start hashcat, we should make a quick link to the binary. This is just going to give us less to type later on (why not make our lives easier, right?).
$ ln -s hashcat-cli64.bin hc
Great! From now on, just type hc whenever you want to use Hashcat, like this:
$ ./hc --help
On to something more interesting
Hashcat comes with a host of examples in the examples subfolder. You can see a quick listing of them like this:
$ ls examples/
They are all arranged by the attack mode (A) and the hash mode, aka hash type, (M). We are going to do a quick test with MD5. Keeping it simple, we will use the standard attack mode (mode 0) to attack these hashes. This is known as a dictionary attack. In order to use it, you just need to specify the file with your hashes, and the file for your dictionary (also known as a word-list.)
For the sake of experimentation, let's see what happens when we load the wrong example dictionary into this attack:
$ ./hc examples/A0.M0.hash examples/A0.M10.word
Initializing hashcat v0.47 by atom with 8 threads and 32mb segment-size...
Added hashes from file examples/A0.M0.hash: 102 (1 salts)
NOTE: press enter for status-screen
Input.Mode: Dict (examples/A0.M10.word)
Index.....: 1/1 (segment), 101 (words), 1342 (bytes)
Recovered.: 0/102 hashes, 0/1 salts
Speed/sec.: - plains, - words
Progress..: 101/101 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--
Started: Tue Dec 10 18:08:13 2013
Stopped: Tue Dec 10 18:08:13 2013
Notice the bold line. 0 our of 102 hashes recovered.
Now let's use the correct dictionary and see the difference.
$ ./hc examples/A0.M0.hash examples/A0.M0.word
Initializing hashcat v0.47 by atom with 8 threads and 32mb segment-size...
Added hashes from file examples/A0.M0.hash: 102 (1 salts)
NOTE: press enter for status-screen
--- Output Omitted ---
All hashes have been recovered
Input.Mode: Dict (examples/A0.M0.word)
Index.....: 1/1 (segment), 102 (words), 2769 (bytes)
Recovered.: 102/102 hashes, 1/1 salts
Speed/sec.: - plains, - words
Progress..: 102/102 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--
Started: Tue Dec 10 18:07:54 2013
Stopped: Tue Dec 10 18:07:54 2013
Notice that the recovery line now has 100% of the passwords recovered. Fantastic! Of course, cracking hashes in the wild won't be this simple, but this is a great first step.