Pro Tips
-
A cheat-sheet for password crackers
Source: A_cheat-sheet_for_password_crackers
CHEAT_SHEET_unix_ninja.txt -
C cyclone pinned this topic on
-
Title:Analyze and create rules for large hashlists
Author:hashcat's developers
URL:https://hashcat.net/wiki/doku.php?id=hashcat
Description:Analyze and create rules for large hashlists. In some cases, this could be useful.Command:
hashcat -m 0 large_hash_list wordlist -g 500000 --debug-mode=1 --debug-file=new.rule-g, --generate-rules | Num | Generate X random rules
--debug-file | File | Output file for debugging rules-
[ Rule Debugging Modes ] -
| Format
===+========
1 | Finding-Rule
2 | Original-Word
3 | Original-Word:Finding-Rule
4 | Original-Word:Finding-Rule:Processed-Word
5 | Original-Word:Finding-Rule:Processed-Word:Wordlist
-
-
-
Title:Check the candidates generated by hashcat rule file
Author:freeroute
URL:https://paste.hashpwn.net/?e695c3709b553d0f#BX9utL4md1xmvirutURJYycRvCqRncAyhstWGMYNj9MtDescription:Check the candidates generated by the Hashcat rule file. -
Title:Check the candidates generated by hashcat rule file
Author:freeroute
URL:https://paste.hashpwn.net/?e695c3709b553d0f#BX9utL4md1xmvirutURJYycRvCqRncAyhstWGMYNj9MtDescription:Check the candidates generated by the Hashcat rule file. -
Title:Analyze and create rules for large hashlists
Author:hashcat's developers
URL:https://hashcat.net/wiki/doku.php?id=hashcat
Description:Analyze and create rules for large hashlists. In some cases, this could be useful.Command:
hashcat -m 0 large_hash_list wordlist -g 500000 --debug-mode=1 --debug-file=new.rule-g, --generate-rules | Num | Generate X random rules
--debug-file | File | Output file for debugging rules-
[ Rule Debugging Modes ] -
| Format
===+========
1 | Finding-Rule
2 | Original-Word
3 | Original-Word:Finding-Rule
4 | Original-Word:Finding-Rule:Processed-Word
5 | Original-Word:Finding-Rule:Processed-Word:Wordlist
@freeroute wrote a script via chatgpt to analyze the debug file
Title: python script to analyze debug rule file
Author: ChatGPT
Code:from collections import Counter # Reading data from the file input_file = 'new.rule' # Path to your input file output_file = 'output.txt' # Path to the output file where results will be saved # Try opening the file with a different encoding try: with open(input_file, 'r', encoding='utf-8') as file: strings = file.readlines() except UnicodeDecodeError: with open(input_file, 'r', encoding='ISO-8859-1') as file: strings = file.readlines() # Removing unnecessary spaces (e.g., newline characters) strings = [line.strip() for line in strings] # Counting the frequency of each line counter = Counter(strings) # Sorting lines by frequency (in descending order) sorted_strings = counter.most_common() # Writing the sorted lines and their frequency to a new file with open(output_file, 'w', encoding='utf-8') as file: for line, count in sorted_strings: file.write(f"{line} - {count}\n") print(f"Result saved in {output_file}")Description: Simply run specifying the received file from the hashcat. In the output you will get the rules that were used most often1x1660 Ti | 2x4090 | epileptic/anxiety/despair/drain | hashpwn <3
-
-
Title: ETH hash parameters for hashcat
Description: For speed, don't use -w 4, add the below manually
-n 64 -u 8 -T 1024 --force-n, --kernel-accel - Manual workload tuning, set outerloop step size to X
-u, --kernel-loops - Manual workload tuning, set innerloop step size to X
-T, --kernel-threads - Manual workload tuning, set thread count to X
--force - Ignore warnings -
Title: HTTP Digest access authentication algorithm
Hashcat mode: -m 11400 - SIP digest authentication (MD5)
Format:$sip$*192.168.100.100*192.168.100.121*username*asterisk*REGISTER*sip*192.168.100.121**2b01df0b****MD5*ad0520061ca07c120d7e8ce696a6df2d $sip$***Mufasa*[email protected]*GET**/dir/index.html**dcd98b7102dd2f0e8b11d0f600bfb0c093*0a4f113b*00000001*auth*MD5*6629fae49393a05397450978507c4ef1 $sip$*[URI_SERVER]*[URI_CLIENT]*[USERNAME]*[REALM]*[METHOD]*[URI_PREFIX]*[URI_RESOURCE]*[URI_SUFFIX]*[NONCE_SERVER]*[NONCE_CLIENT]*[NONCE_COUNT]*[QOP]*[DIRECTIVE]*[MD5]Sources:
https://github.com/hashcat/hashcat/issues/1021
https://hashcat.net/forum/thread-7054-post-37744.html#pid37744 -
Title:rulechef - a markov rule generator
Author:Cynosure Prime
Description:Analyses a ruleset for hashcat/mdxfind/john the ripper and iteratively generates rules based on markov chains created from the input rules. Users can specify additional parameters such as the min/max rule operations, chain probability and starting chain limits.This tool was written in an attempt to craft better quality rules as opposed to the usual rule stacking or randomly generating rules.
Source:https://github.com/Cynosureprime/rulechef -
Title:Plundering and pillaging password and passphrase plains for profit
Author:Will Hunt
Description:In this talk we'll look beyond the basics of cracking and arm you with further attacks when you feel you're out of options. We'll look at multiple paths for cracking delimited passphrases and review when you'd want to use these attacks and why. Target-specific markov tables will be shown to illustrate how you could be missing out on elusive plains without even realising it, as well as getting the best bang for your buck out of your rule-based attacks by identifying non-efficient operations. Then, after reviewing transliterated attacks and hash shucking, we'll wrap up with the release of a tool to help you automate the initial heavy lifting of your attack cycles.Will Hunt
Will (@Stealthsploit) has been in infosec for over 15 years, co-founded In.security in 2018 and as a pentester has helped secure many organisations through technical security services and training. Will's a Black Hat trainer and has taught and spoken at several conferences and events, as well as helping run Password Village at DEFCON. Will also assists the UK government in various technical, educational and advisory capacities. Before Will was a security consultant he was an experienced digital forensics consultant and trainer.Security Fest is an inspiring and unique IT security conference held in Gothenburg, Sweden. The event is an excellent opportunity to learn more about IT security, and a great way to connect with both the renowned international speakers, and the other attendees.
-
Title:hcxcommic.
ZeroBeat:ZeroBeat
Source:https://github.com/ZerBea/hcxtools
Description:It takes as input a 22000 hashcat -o file and a hash file and converts it to a HEX:PLAIN file.
Accepted by hashmob if the MIC is in both input files present. That makes it much easier to submit findings to hashmob.net.Download a 22000 left list from hashmob either via web interface (filter by 22000)
https://hashmob.net/hashlists/user or by ID (get if via web interface (https://hashmob.net/hashlists/user)I prefer via ID: (12612 is the ID shown in hm web interface:
$ wget https://cdn.hashmob.net/hashlists/12589/125892.leftRun hashcat against this list and use its -o option to store the findings to file!
Either use your own word list
$ hashcat -m 22000 -o 12589.found 12589.left wordlist
...
Recovered........: 8/3358 (0.24%) Digests (total), 8/3358 (0.24%) Digests (new), 8/2857 (0.28%) Salts
...Or get one from wpa-sec
$ wget https://wpa-sec.stanev.org/dict/cracked.txt.gz
$ hashcat -m 22000 -o 12589.found 12589.left wordlistGenerate the hash file accepted by hm:
$ hcxcommic 12589.found 12589.left > hm.foundSubmit hm.found to hashmob (choose 22000).
Note: hasmob marks some hashes as invalid.
That's because hashmob has a massif(!) missing new line (\0a) problem! It has been reported.
