In the field of cybersecurity, password cracking is an essential technique used to assess the strength of passwords and improve overall security. This article will explore two popular tools, Hashcat and John the Ripper, and demonstrate how to create a wordlist using Hashcat from a word and then use John the Ripper to crack a hash.
Understanding Hashcat:
Hashcat is a powerful password recovery tool that uses brute-force, rule-based, and mask-based attacks to crack password hashes. It supports a wide range of hash algorithms and is highly optimized for speed. Before we begin cracking a hash, we’ll leverage Hashcat’s functionality to create a wordlist.
Creating a Wordlist with Hashcat:
Step 1: Install Hashcat:
- Visit the official Hashcat website (https://hashcat.net/hashcat/) and download the appropriate version for your system.
- Install Hashcat by following the installation instructions provided on the website.
Step 2: Create a Wordlist:
Launch a terminal or command prompt and navigate to the directory where Hashcat is installed.
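Run the following command to generate a wordlist from a simple word and a mask:
- ./hashcat --stdout -a 3 'vry4n?d' > wordlist.txt
Here, “vry4n?d” is the simple word you want to create variations of, followed by the mask placeholder ?d (one digit), so the command emits vry4n0 through vry4n9. Mask input requires attack mode 3 (-a 3); with -a 0, Hashcat would treat the argument as a wordlist file name. “wordlist.txt” is the output file that will contain the generated wordlist.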
Understanding John the Ripper:
John the Ripper (JtR) is another popular password cracking tool that works on various platforms. It combines several cracking modes, including dictionary-based, brute-force, and hybrid attacks, making it highly versatile and effective.
Cracking a Hash with John the Ripper:
Step 1: Install John the Ripper:
- Visit the official John the Ripper GitHub repository (https://github.com/openwall/john) and follow the installation instructions for your specific operating system.
Step 2: Prepare the Hash File:
- Create a text file named “hash.txt” and paste the hash you want to crack into it. Ensure there are no additional characters or spaces in the file.
Step 3: Launch John the Ripper:
- Open a terminal or command prompt and navigate to the directory where John the Ripper is installed.
Step 4: Run the Hash Cracking:
Execute the following command to crack the hash using John the Ripper:
- ./john --format=NT hash.txt --wordlist=wordlist.txt
Here, “hash.txt” is the file containing the hash, and “wordlist.txt” is the wordlist generated in the previous step using Hashcat.
Wait for John the Ripper to complete the cracking process. It will display the cracked password if successful.
How to
1. Suppose we have a hash ($2a$10$VM6EeymRxJ29r8Wjkr8Dtev0O.1STWb4.4ScG.anuu7v0EFJwgjjO) that we need to crack. If we suspect a word or list of words, in this case PleaseSubscribe!, we can use hashcat with a rule file to generate variations of that word
- echo PleaseSubscribe! | hashcat -r /usr/share/hashcat/rules/best64.rule --stdout > wordlist.txt
- cat wordlist.txt
2. Having our wordlist, we can execute john against the hashfile
- john hashfile.txt --wordlist=wordlist.txt
- cat hashfile.txt
3. This new password can be used to access other resources, escalate privileges, move laterally, and so on.
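The steps above work because a rule file turns one guessable base word into many predictable variants. The following added example (not from the original article and not Hashcat's code) reimplements a few Hashcat rule functions in Python and uses them as a password-policy check that rejects passwords derived from a banned base word. The rule list, the function names, and the banned words are constructed for illustration and are not the contents of best64.rule.

```python
# Added example: a small subset of Hashcat's rule functions, used as a
# password-policy check. Not Hashcat's code and not a copy of best64.rule.

SIMPLE = {
    ":": lambda w: w,                              # no-op
    "l": str.lower,                                # lowercase all
    "u": str.upper,                                # uppercase all
    "c": lambda w: w[:1].upper() + w[1:].lower(),  # capitalize
    "t": str.swapcase,                             # toggle case
    "r": lambda w: w[::-1],                        # reverse
    "d": lambda w: w + w,                          # duplicate
    "]": lambda w: w[:-1],                         # delete last char
    "[": lambda w: w[1:],                          # delete first char
}

# Constructed sample rules (one rule per entry, functions separated by spaces).
SAMPLE_RULES = [":", "l", "u", "c", "r", "d", "$1", "$!", "^1",
                "$1 $2 $3", "c $1", "] $1", "u $!"]


def apply_rule(rule, word):
    """Apply one rule line to word, left to right, and return the result."""
    out, i = word, 0
    while i < len(rule):
        op = rule[i]
        if op == " ":                       # separator between functions
            i += 1
        elif op in "$^":                    # append / prepend next character
            if i + 1 >= len(rule):
                raise ValueError(f"missing argument for {op!r}")
            out = out + rule[i + 1] if op == "$" else rule[i + 1] + out
            i += 2
        elif op in SIMPLE:
            out = SIMPLE[op](out)
            i += 1
        else:
            raise ValueError(f"unsupported rule function {op!r}")
    return out


def derived_from(password, banned_words, rules=SAMPLE_RULES):
    """Return the banned base word that password is a mangling of, or None."""
    for base in banned_words:
        if any(apply_rule(r, base) == password for r in rules):
            return base
    return None


if __name__ == "__main__":
    banned = ["PleaseSubscribe!", "vry4n"]  # hypothetical org-specific words
    for pw in ["PleaseSubscribe!123", "VRY4N!", "kT9#qLw2x@Vm"]:
        print(pw, "->", derived_from(pw, banned))
```

Run at password-change time with the organisation's own banned words, a check like this rejects the variants a rule-based wordlist would reach first.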
Conclusion
We explored the powerful password cracking tools Hashcat and John the Ripper. We learned how to create a wordlist using Hashcat, leveraging its flexibility and functionality. Then, we used John the Ripper to crack a hash by providing the generated wordlist. By understanding these tools and their capabilities, security professionals can assess the strength of passwords and enhance overall cybersecurity.