How to crack passwords using a GUI on Windows 7 – Hashcat
Step 1 – Install .NET 4 framework – Stand alone installer
Step 2 – Download OCL Hashcat 1.36 for Windows
Step 3 – Download Hashcat Gui for Windows
Step 4 – Watch the video regarding rulesets and wordlists
This is background information so that you can adapt your attack for windows hashes or unix hashes etc.
-m = hash type (the hash varies by operating system)
-a = Attack Mode (we’ll use both Straight and Combination Attack)
-r = rules file (look for xyz.rule)
Questions to ask
1. What hash algorithm is being used? MD5 or NTLM?
2. What wordlists do you want to use?
The rockyou database is one of the best, with 14 million unique passwords.
3. What rulesets do you want to use?
Straight through or Combinator?
Step 5 – Collect Password Dictionaries
The 2 major cracking dictionaries are Rockyou, and CrackStation.
Rockyou contains 14 million unique passwords.
CrackStation. For MD5 and SHA1 hashes, there is a 190GB, 15-billion-entry lookup table, and for other hashes, they offer a 19GB 1.5-billion-entry lookup table.
Download CrackStation by Torrent:
Some hashes will fail to be cracked, this is due to several reasons, it may not be a md5 hash, it may not be in your password list etc.
Hashes are case sensitive, so Password1 is not the same as password1.
oclHashcat-Plus uses your GPU rather than your CPU to crack passwords. Graphics cards are MUCH faster as an attack tool, than a CPU… MANY times faster.