Skip to content

How to crack passwords using a GUI on Windows 7 – Hashcat


Step 1 – Install .NET 4 framework – Stand alone installer

Step 2 – Download OCL Hashcat 1.36 for Windows

hashcat gpu

Step 3 – Download Hashcat Gui for Windows


Step 4 – Watch the video regarding rulesets and wordlists

Hashcat options.

This is background information so that you can adapt your attack for windows hashes or unix hashes etc.

hashcat –help

-m = hash type  (the hash varies by operating system)

-a = Attack Mode (we’ll use both Straight and Combination Attack)

-r = rules file (look for xyz.rule)



Questions to ask

1. What hash algorithm is being used? MD5 or NTLM?

2. What wordlists do you want to use?

The rockyou database is one of the best, with 14 million unique passwords.

3. What rulesets do you want to use?

Straight through or Combinator?


Step 5 – Collect Password Dictionaries

The 2 major cracking dictionaries are Rockyou, and CrackStation.

Rockyou contains 14 million unique passwords.

CrackStation.  For MD5 and SHA1 hashes, there is a 190GB, 15-billion-entry lookup table, and for other hashes, they offer a 19GB 1.5-billion-entry lookup table.

Download CrackStation by Torrent:

Some hashes will fail to be cracked,  this is due to several reasons, it may not be a md5 hash, it may not be in your password list etc.

Hashes are case sensitive, so Password1 is not the same as password1.

oclHashcat-Plus uses your GPU rather than your CPU to crack passwords.  Graphics cards are MUCH faster as an attack tool, than a CPU… MANY times faster.



book cover


KALI – How to crack passwords using Hashcat – The Visual Guide

BRUTE FORCE HACKING – Brute force Calculator – A Visual Guide

How to write a password that takes over 35 quadrillion years to crack (but is easy to remember)

  1. samalbahaykubo permalink

    Reblogged this on Samal Bahay Kubo.


  2. joekano76 permalink

    Reblogged this on TheFlippinTruth.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: