hashpwn

I confirm. None of the ready-made extractor or decryptor programs worked with the Zen browser. This person sorted out the situation for free, adapted the programs for my browser, and restored my SRP. For that, I'm incredibly grateful.

Windows Notepad Remote Code Execution - CVE-2026-20841 [image: 1771016678041-6da505d2-a552-403b-baac-4ec7e4d7020e-image.png] Summary Not to be outdone by the recent Notepad++ RCE, the Windows Notepad CVE-2026-20841 is a high-severity remote code execution (RCE) vulnerability affecting the modern Windows Notepad application. The issue was introduced after Microsoft added Markdown and rich link support to Notepad. The vulnerability stems from improper sanitation of special elements within commands, effectively allowing command injection via crafted Markdown links. Technical Details An attacker can craft a malicious .md file containing a specially constructed link. When a user opens the file in Notepad and Ctrl-clicks the link, the application may invoke external protocols or executables without sufficient validation or security warnings. Successful exploitation allows arbitrary code execution in the context of the logged-in user. Key Characteristics Type: Remote Code Execution Vector: Malicious Markdown file with crafted link User Interaction Required: Yes (file open + link click) Privileges Gained: Same as current user Attack Surface: Expanded via Markdown rendering and clickable links Impact If exploited, an attacker could: Execute arbitrary binaries Download and run malware Establish persistence Perform lateral movement (depending on user privileges) However, there were no confirmed in-the-wild exploits at the time of disclosure. Remediation Microsoft addressed the vulnerability in the February 2026 Patch Tuesday updates for the Windows 11 Notepad flaw by displaying warnings when clicking a link if it does not use the http:// or https:// protocol. [image: 1771016992930-3d882187-479e-4f14-b9c0-6c340d2d5e90-image.png] Sources: https://www.cve.org/CVERecord?id=CVE-2026-20841 https://www.bleepingcomputer.com/news/microsoft/windows-11-notepad-flaw-let-files-execute-silently-via-markdown-links/ https://www.helpnetsecurity.com/2026/02/12/windows-notepad-markdown-feature-opens-door-to-rce-cve-2026-20841/ https://socprime.com/blog/cve-2026-20841-vulnerability/ https://www.techradar.com/pro/security/microsoft-patches-concerning-windows-11-notepad-security-flaw

Found 11 Left 182 F.txt left.txt

@test123456 said in Hashchef: Are there any tutorials available, such as video tutorials? No. There is plenty of documentation on the git and is fairly straight forward to use. If you have any specific questions I am more than happy to answer them.

dump not have salt i check all bd planetarium-laupheim.de

Previous left list appears to be a found list, so using original 123.txt from OP as left list. 11675_found.txt 743_left.txt 12418 total

When will Linux versions be released?

@test123456 There are currently no plans for hashgen to support any WPA / wifi modes. What would your use case for -m 22000 be?

yes i know its multiple vaults. I have 6 vaults in total and only 1 vault will unlock with wordlist. is there perhaps something wrong with the vault itself ect and is there any way to resolve this issue (the wordlist contains all possible passwords so password is not the issue)

Answered on your other post: https://forum.hashpwn.net/post/8383

It is better to use hashcat to recover the wallet password, then use metamask_decryptor to recover the seed phrase. If you're having issues with getting hashcat to work, make sure to use metamask_extractor to properly extract the hash. Several users have run into issues getting hashcat and metamask hashes to work on Windows, so trying yours with hashcat on linux is worth a shot. I have hashcat with my custom 26620 metamask kernel hosted on github which is compatible with the metamask_extractor. https://github.com/cyclone-github/hashcat

Happy New Year, hashpwn! We wrapped up our first full year in 2025 and had a lot of fun along the way. Last month (Dec) was our highest traffic month to date, driven by the 12 Days of Christmas Challenge. A big thank you to everyone who has been part of the community, and to our staff who helped turn an idea into a reality. Here's to 2026! ~ @cyclone Current Stats Members: 331 Posts: 8.2k December 2025 Highlights Page Views: 2,637,674 Unique Visitors: 162,321 New Users: 22 Posts: 1,402 Data Served: 252 GB Uptime 24h: 100% 30d: 99.96% 1y: 99.90% Forum Traffic - 2025 [image: 1767319830465-8dab8623-5cdd-4410-8e6b-47f9969e248e-image.png]

@freeroute Is it compatible with Ubuntu? Could you share a download link?

Challenge Submission Results: Note, a couple users dup submitted on a few challenges by using different IP addresses. Other than having their username listed twice under "Submissions", there was no other affect to the outcome of the challenges. [image: 1766877679827-4e4148b0-d888-41a8-a127-9c82da28d70d-image.png] [image: 1766877702333-368a2e83-9f2a-49e0-9288-f5a99d769a1b-image.png] [image: 1766877719237-22baff5e-910f-42d6-afec-1eadde4b2def-image.png] [image: 1766877739275-f7631ead-784f-498c-96b8-1ed683e83456-image.png] [image: 1766877765661-d11ce807-a2be-469c-abb7-2dab04e7b5e0-image.png] [image: 1766877794960-da2e5535-c55b-40c7-8035-68fc50b8fb1a-image.png] [image: 1766877809068-8bf88cc1-86a9-4345-a833-f3fea629f52d-image.png] [image: 1766877824618-1417d1db-a81d-4b9a-b43b-bc1ffded77a5-image.png] [image: 1766877838552-32c1eb77-71c2-4bad-8da9-a29ee6456c16-image.png] [image: 1766877859939-48304402-822f-48c6-9a94-04961d58f985-image.png] [image: 1766877875284-f7ce3fb8-b300-4877-bbff-3d64a73e11be-image.png] [image: 1766877888849-c200760f-257e-4fe8-9b5e-e88b23659b70-image.png] The Grand Prize, aka the hidden Challenge 13, was figured out and claimed by @_cin

115_found / 1590_left found 128 more using "RS" salt only can't say if they are valid and are not withdrawn from the left list 115_found.txt 128_found_RS-salt.txt 1590_left.txt