Hashcat v3.6.0 - World's Fastest and Most Advanced Password Recovery Utility

hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable distributed password cracking.

Installation

Download the latest release and unpack it in the desired location. Please remember to use 7z x when unpacking the archive from the command line to ensure full file paths remain intact.

GPU Driver requirements:

• AMD GPUs on Windows require "AMD Radeon Software Crimson Edition" (15.12 or later)
• AMD GPUs on Linux require "AMDGPU-PRO Driver" (16.40 or later)
• Intel CPUs require "OpenCL Runtime for Intel Core and Intel Xeon Processors" (16.1.1 or later)
• Intel GPUs on Windows require "OpenCL Driver for Intel Iris and Intel HD Graphics"
• Intel GPUs on Linux require "OpenCL 2.0 GPU Driver Package for Linux" (2.0 or later)
• NVIDIA GPUs require "NVIDIA Driver" (367.x or later)

Features

• World's fastest password cracker
• World's first and only in-kernel rule engine
• Free
• Open-Source (MIT License)
• Multi-OS (Linux, Windows and OSX)
• Multi-Platform (CPU, GPU, DSP, FPGA, etc., everything that comes with an OpenCL runtime)
• Multi-Hash (Cracking multiple hashes at the same time)
• Multi-Devices (Utilizing multiple devices in same system)
• Multi-Device-Types (Utilizing mixed device types in same system)
• Supports distributed cracking networks (using overlay)
• Supports interactive pause / resume
• Supports sessions
• Supports restore
• Supports reading password candidates from file and stdin
• Supports hex-salt and hex-charset
• Supports automatic performance tuning
• Supports automatic keyspace ordering markov-chains
• Built-in benchmarking system
• Integrated thermal watchdog
• 200+ Hash-types implemented with performance in mind
• ... and much more

Algorithms

• MD4
• MD5
• Half MD5 (left, mid, right)
• SHA1
• SHA-224
• SHA-256
• SHA-384
• SHA-512
• SHA-3 (Keccak)
• BLAKE2b-512
• SipHash
• Skip32
• RIPEMD-160
• Whirlpool
• DES (PT = $salt, key = $pass)
• 3DES (PT = $salt, key = $pass)
• ChaCha20
• GOST R 34.11-94
• GOST R 34.11-2012 (Streebog) 256-bit
• GOST R 34.11-2012 (Streebog) 512-bit
• md5($pass.$salt)
• md5($salt.$pass)
• md5(unicode($pass).$salt)
• md5($salt.unicode($pass))
• md5($salt.$pass.$salt)
• md5($salt.md5($pass))
• md5($salt.md5($salt.$pass))
• md5($salt.md5($pass.$salt))
• md5(md5($pass))
• md5(md5($pass).md5($salt))
• md5(strtoupper(md5($pass)))
• md5(sha1($pass))
• sha1($pass.$salt)
• sha1($salt.$pass)
• sha1(unicode($pass).$salt)
• sha1($salt.unicode($pass))
• sha1(sha1($pass))
• sha1($salt.sha1($pass))
• sha1(md5($pass))
• sha1($salt.$pass.$salt)
• sha1(CX)
• sha256($pass.$salt)
• sha256($salt.$pass)
• sha256(unicode($pass).$salt)
• sha256($salt.unicode($pass))
• sha512($pass.$salt)
• sha512($salt.$pass)
• sha512(unicode($pass).$salt)
• sha512($salt.unicode($pass))
• HMAC-MD5 (key = $pass)
• HMAC-MD5 (key = $salt)
• HMAC-SHA1 (key = $pass)
• HMAC-SHA1 (key = $salt)
• HMAC-SHA256 (key = $pass)
• HMAC-SHA256 (key = $salt)
• HMAC-SHA512 (key = $pass)
• HMAC-SHA512 (key = $salt)
• PBKDF2-HMAC-MD5
• PBKDF2-HMAC-SHA1
• PBKDF2-HMAC-SHA256
• PBKDF2-HMAC-SHA512
• MyBB
• phpBB3
• SMF (Simple Machines Forum)
• vBulletin
• IPB (Invision Power Board)
• WBB (Woltlab Burning Board)
• osCommerce
• xt:Commerce
• PrestaShop
• MediaWiki B type
• WordPress
• Drupal 7
• Joomla
• PHPS
• Django (SHA-1)
• Django (PBKDF2-SHA256)
• Episerver
• ColdFusion 10+
• Apache MD5-APR
• MySQL
• PostgreSQL
• MSSQL
• Oracle H: Type (Oracle 7+)
• Oracle S: Type (Oracle 11+)
• Oracle T: Type (Oracle 12+)
• Sybase
• hMailServer
• DNSSEC (NSEC3)
• IKE-PSK
• IPMI2 RAKP
• iSCSI CHAP
• CRAM-MD5
• MySQL CRAM (SHA1)
• PostgreSQL CRAM (MD5)
• SIP digest authentication (MD5)
• WPA
• WPA2
• NetNTLMv1
• NetNTLMv1+ESS
• NetNTLMv2
• Kerberos 5 AS-REQ Pre-Auth etype 23
• Kerberos 5 TGS-REP etype 23
• Netscape LDAP SHA/SSHA
• FileZilla Server
• LM
• NTLM
• Domain Cached Credentials (DCC), MS Cache
• Domain Cached Credentials 2 (DCC2), MS Cache 2
• DPAPI masterkey file v1 and v2
• MS-AzureSync PBKDF2-HMAC-SHA256
• descrypt
• bsdicrypt
• md5crypt
• sha256crypt
• sha512crypt
• bcrypt
• scrypt
• OSX v10.4
• OSX v10.5
• OSX v10.6
• OSX v10.7
• OSX v10.8
• OSX v10.9
• OSX v10.10
• iTunes backup < 10.0
• iTunes backup >= 10.0
• AIX {smd5}
• AIX {ssha1}
• AIX {ssha256}
• AIX {ssha512}
• Cisco-ASA MD5
• Cisco-PIX MD5
• Cisco-IOS $1$ (MD5)
• Cisco-IOS type 4 (SHA256)
• Cisco $8$ (PBKDF2-SHA256)
• Cisco $9$ (scrypt)
• Juniper IVE
• Juniper NetScreen/SSG (ScreenOS)
• Juniper/NetBSD sha1crypt
• Fortigate (FortiOS)
• Samsung Android Password/PIN
• Windows Phone 8+ PIN/password
• GRUB 2
• CRC32
• RACF
• Radmin2
• Redmine
• PunBB
• OpenCart
• Atlassian (PBKDF2-HMAC-SHA1)
• Citrix NetScaler
• SAP CODVN B (BCODE)
• SAP CODVN F/G (PASSCODE)
• SAP CODVN H (PWDSALTEDHASH) iSSHA-1
• PeopleSoft
• PeopleSoft PS_TOKEN
• Skype
• WinZip
• 7-Zip
• RAR3-hp
• RAR5
• AxCrypt
• AxCrypt in-memory SHA1
• PDF 1.1 - 1.3 (Acrobat 2 - 4)
• PDF 1.4 - 1.6 (Acrobat 5 - 8)
• PDF 1.7 Level 3 (Acrobat 9)
• PDF 1.7 Level 8 (Acrobat 10 - 11)
• MS Office <= 2003 MD5
• MS Office <= 2003 SHA1
• MS Office 2007
• MS Office 2010
• MS Office 2013
• Lotus Notes/Domino 5
• Lotus Notes/Domino 6
• Lotus Notes/Domino 8
• Bitcoin/Litecoin wallet.dat
• Blockchain, My Wallet
• Blockchain, My Wallet, V2
• 1Password, agilekeychain
• 1Password, cloudkeychain
• LastPass
• Password Safe v2
• Password Safe v3
• KeePass 1 (AES/Twofish) and KeePass 2 (AES)
• JKS Java Key Store Private Keys (SHA1)
• Ethereum Wallet, PBKDF2-HMAC-SHA256
• Ethereum Wallet, SCRYPT
• eCryptfs
• Android FDE <= 4.3
• Android FDE (Samsung DEK)
• TrueCrypt
• VeraCrypt
• LUKS
• Plaintext

Attack-Modes

• Straight ^*
• Combination
• Brute-force
• Hybrid dict + mask
• Hybrid mask + dict

^* accept Rules

Supported OpenCL runtimes

• AMD
• Apple
• Intel
• Mesa (Gallium)
• NVidia
• pocl

Supported OpenCL device types

• GPU
• CPU
• APU
• DSP
• FPGA
• Coprocessor

Download Hashcat

Read More

Dagon - Advanced Hash Manipulation

Named after the prince of Hell, Dagon (day-gone) is an advanced hash cracking and manipulation system, capable of bruteforcing multiple hash types, creating bruteforce dictionaries, automatic hashing algorithm verification, random salt generation from Unicode to ASCII, and much more.

Screenshots

Bruteforcing made easy with a built in wordlist creator if you do not specify one. The wordlist will create 100,000 strings to use

Verify what algorithm was used to create that hash you're trying to crack. You can specify to view all possible algorithms by providing the -L flag (some algorithms are not implemented yet)

Random salting, unicode random salting, or you can make your own choice on the salt.

Basic usage
For full functionality of Dagon please reference the homepage here
python dagon.py -h This will run the help menu and provide a list of all possible flags
python dagon.py -c <HASH> --bruteforce This will attempt to bruteforce a given hash
python dagon.py -l <FILE-PATH> --bruteforce This will attempt to bruteforce a given file full of hashes (one per line)
python dagon.py -v <HASH> This will try to verify the algorithm used to create the hash
python dagon.py -V <FILE-PATH> This will attempt to verify each hash in a file, one per line

Installation
Dagon requires python version 2.7.x to run successfully.

• git clone https://github.com/ekultek/dagon.git
• cd Dagon
• pip install -r requirements.txt

This should install all the dependencies that you will need to run Dagon

Contributions
All contributions are greatly appreciated and helpful. When you contribute you will get your name placed on the homepage underneath contributions with a link to your contribution. You will also get massive respect from me, and that's a pretty cool thing. What I'm looking for in contributions is some of the following:

• Hashing algorithm creations, specifically; A quicker MD2 algorithm, full Tiger algorithms, Keychain algorithms for cloud and agile
• More wordlists to download from, please make sure that the link is encoded
• Rainbow table attack implementation
• More regular expressions to verify different hash types

Download Dagon

Read More

HashPump - A Tool To Exploit The Hash Length Extension Attack In Various Hashing Algorithms

A tool to exploit the hash length extension attack in various hashing algorithms.
Currently supported algorithms: MD5, SHA1, SHA256, SHA512.

Help Menu

$ hashpump -h
HashPump [-h help] [-t test] [-s signature] [-d data] [-a additional] [-k keylength]
    HashPump generates strings to exploit signatures vulnerable to the Hash Length Extension Attack.
    -h --help          Display this message.
    -t --test          Run tests to verify each algorithm is operating properly.
    -s --signature     The signature from known message.
    -d --data          The data from the known message.
    -a --additional    The information you would like to add to the known message.
    -k --keylength     The length in bytes of the key being used to sign the original message with.
    Version 1.2.0 with CRC32, MD5, SHA1, SHA256 and SHA512 support.
    <Developed by bwall(@botnet_hunter)>

Sample Output

$ hashpump -s '6d5f807e23db210bc254a28be2d6759a0f5f5d99' --data 'count=10&lat=37.351&user_id=1&long=-119.827&waffle=eggo' -a '&waffle=liege' -k 14
0e41270260895979317fff3898ab85668953aaa2
count=10&lat=37.351&user_id=1&long=-119.827&waffle=eggo\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02(&waffle=liege

Compile & install

$ git clone https://github.com/bwall/HashPump.git
$ apt-get install g++ libssl-dev
$ cd HashPump
$ make
$ make install

apt-get and make install require root privileges to run correctly. The actual requirement is for -lcrypto, so depending on your operating system, your dependencies may vary.
On OS X HashPump can also be installed using Homebrew:

$ brew install hashpump

Mentions
HashPump has been mentioned in a few write-ups. If you are wondering how you can use HashPump, these are some great examples.

• http://ctfcrew.org/writeup/54
• http://d.hatena.ne.jp/kusano_k/20140310/1394471922 (JP)
• http://conceptofproof.wordpress.com/2014/04/13/plaidctf-2014-web-150-mtgox-writeup/
• http://achatz.me/plaid-ctf-mt-pox/
• http://herkules.oulu.fi/thesis/nbnfioulu-201401141005.pdf
• https://github.com/ctfs/write-ups/tree/master/plaid-ctf-2014/mtpox

Python Bindings
Fellow Python lovers will be pleased with this addition. Saving me from writing an implementation of all these hash algorithms with the ability to modify states in Python, Python bindings have been added in the form of hashpumpy. This addition comes from zachriggle.

Installation
These Python bindings are available on PyPI and can be installed via pip. pip install hashpumpy

Usage

>>> import hashpumpy
>>> help(hashpumpy.hashpump)
Help on built-in function hashpump in module hashpumpy:

hashpump(...)
    hashpump(hexdigest, original_data, data_to_add, key_length) -> (digest, message)

    Arguments:
        hexdigest(str):      Hex-encoded result of hashing key + original_data.
        original_data(str):  Known data used to get the hash result hexdigest.
        data_to_add(str):    Data to append
        key_length(int):     Length of unknown data prepended to the hash

    Returns:
        A tuple containing the new hex digest and the new message.
>>> hashpumpy.hashpump('ffffffff', 'original_data', 'data_to_add', len('KEYKEYKEY'))
('e3c4a05f', 'original_datadata_to_add')

Python 3 note
hashpumpy supports Python 3. Different from the Python 2 version, the second value (the new message) in the returned tuple from hashpumpy.hashpump is a bytes-like object instead of a string.

Download HashPump

Read More

[Blackhash] Audit Passwords Without Hashes

A traditional password audit typically involves extracting password hashes from systems and then sending those hashes to a third-party security auditor or an in-house security team. These security specialists have the knowledge and tools to effectively audit password hashes. They use password cracking software such as John the Ripper and Hashcat in an effort to uncover weak passwords.

However, there are many risks associated with traditional password audits. The password hashes may be lost or stolen from the security team. A rogue security team member may secretly make copies of the password hashes. How would anyone know? Basically, once the password hashes are given to the security team, the system manager must simply trust that the password hashes are handled and disposed of securely and that access to the hashes is not abused.

Blackhash works by building a bloom filter from the system password hashes. The system manager extracts the password hashes and then uses Blackhash to build the filter. The filter is saved to a file, then compressed and given to the security team. The filter is just a bitset that contains ones and zeros. It does not contain the password hashes or any other information about the users or the accounts from the system. It’s just a string of ones and zeros. You may

view a Blackhash filter with a simple text editor. It will look similar to this:

00000100000001000100001

When the security team receives the filter, they use Blackhash to test it for known weak password hashes. If weak passwords are found, the security team creates a weak filter and sends that back to the system manager. Finally, the system manager tests the weak filter to identify individual users so that they can be contacted and asked to change passwords.

This enables you to audit passwords without actually giving out the hashes.

Pros

• Password hashes never leave the system team.
• Works with any simple, un-salted hash. LM, NT, MD5, SHA1, etc.
• Security auditors do not have to transmit, handle or safe-guard the password hashes.
• Anonymizes the users. The filter contains no data about the users at all.

Cons

• Slower than traditional password cracking methods.
• More complex than traditional password cracking methods.
• Bloom Filters may produce a few false positives (very few in this case).

Download Blackhash: Windows - Linux

Read More

[Hashcat v0.47] The world’s fastest CPU-based password recovery tool

Hashcat is the world’s fastest CPU-based password recovery tool.

While it’s not as fast as its GPU counterparts oclHashcat-plus and oclHashcat-lite, large lists can be easily split in half with a good dictionary and a bit of knowledge of the command switches.

Changelog v0.47

• added -m 123 = EPi
• added -m 1430 = sha256(unicode($pass).$salt)
• added -m 1440 = sha256($salt.unicode($pass))
• added -m 1441 = EPiServer 6.x >= v4
• added -m 1711 = SSHA-512(Base64), LDAP {SSHA512}
• added -m 1730 = sha512(unicode($pass).$salt)
• added -m 1740 = sha512($salt.unicode($pass))
• added -m 7400 = SHA-256(Unix)
• added -m 7600 = Redmine SHA1
• debug mode can now be used also together with -g, generate rule
• support added for using external salts together with mode 160 = HMAC-SHA1 (key = $salt)
• allow empty salt/key for HMAC algos
• allow variable rounds for hash modes 500, 1600, 1800, 3300, 7400 using rounds= specifier
• added –generate-rules-seed, sets seed used for randomization so rulesets can be reproduced
• added output-format type 8 (position:hash:plain)
• updated/added some hcchr charset files in /charsets, some new files: Bulgarian, Polish, Hungarian
• format output when using –show according to the –outfile-format option
• show mask length in status screen
• –disable-potfile in combination with –show or –left resulted in a crash, combination was disallowed

Features

• Multi-Threaded
• Free
• Multi-Hash (up to 24 million hashes)
• Multi-OS (Linux, Windows and OSX native binaries)
• Multi-Algo (MD4, MD5, SHA1, DCC, NTLM, MySQL, …)
• SSE2, AVX and XOP accelerated
• All Attack-Modes except Brute-Force and Permutation can be extended by rules
• Very fast Rule-engine
• Rules compatible with JTR and PasswordsPro
• Possible to resume or limit session
• Automatically recognizes recovered hashes from outfile at startup
• Can automatically generate random rules
• Load saltlist from external file and then use them in a Brute-Force Attack variant
• Able to work in an distributed environment
• Specify multiple wordlists or multiple directories of wordlists
• Number of threads can be configured
• Threads run on lowest priority
• Supports hex-charset
• Supports hex-salt
• 90+ Algorithms implemented with performance in mind
• …and much more

Download hashcat v0.47

Read More

[HashTag] Password Hash Type Identification (Identify Hashes)

HashTag.py is a Python script written to parse and identify the password hash type used.

HashTag supports the identification of over 250 hash types along with matching them to over 110 hashcat modes (use the command line switch -hc to output the hashcat modes). It is also able to identify a single hash, parse a single file and identify the hashes within it, or traverse a root directory and all subdirectories for potential hash files and identify any hashes found.

One of the biggest aspects of this tool is the identification of password hashes. The main attributes used to distinguish between hash types are character set (hexadecimal, alphanumeric, etc.), hash length, hash format (e.g. 32 character hash followed by a colon and a salt), and any specific substrings (e.g. ‘$1$’). A lot of password hash strings can’t be identified as one specific hash type based on these attributes. For example, MD5 and NTLM hashes are both 32 character hexadecimal strings. In these cases the author made an exhaustive list of possible types and has the tool output reflect that.

It has three main arguments:

• Identifying a single hash type (-sh)
• Parsing and identifying multiple hashes from a file (-f)
• Traversing subdirectories to locate files which contain hashes and parse/identify them (-d)

Usage:

HashTag.py {-sh hash |-f file |-d directory} [-o output_filename] [-hc] [-n]

Download HashTag

Read More

[Hashcat v0.46] Multi-Threaded Password Hash Cracking Tool

hashcat claims to be the world’s fastest CPU-based password recovery tool, while not as fast as GPU powered hash brute forcing (like CUDA-Multiforcer), it is still pretty fast.

hashcat was written somewhere in the middle of 2009. Yes, there were already close-to-perfect working tools supporting rule-based attacks like “PasswordsPro”, “John The Ripper”. However for some unknown reason, both of them did not support multi-threading. That was the only reason to write hashcat: To make use of the multiple cores of modern CPUs.

Granted, that was not 100% correct. John the Ripper already supported MPI using a patch, but at that time it worked only for Brute-Force attack. There was no solution available to crack plain MD5 which supports MPI using rule-based attacks.

Hashcat, from its first version, v0.01, was called “atomcrack”. This version was very poor, but at least the MD5 kernel was written in assembler utilizing SSE2 instructions and of course it was multi-threaded. It was a simple dictionary cracker, nothing more. But it was fast. Really fast. Some guys from the scene become interested in it and after one week there were around 10 beta testers. Everything worked fine and so requests for more algorithm types, a rule-engine for mutation of dictionaries, a windows version and different attack modes were added. These developments took around half a year, and were completely non-public.

Features

• Multi-Threaded
• Multi-Hash (up to 24 million hashes)
• Multi-OS (Linux, Windows and OSX native binaries)
• Multi-Algo (MD4, MD5, SHA1, DCC, NTLM, MySQL, …)
• SSE2, AVX and XOP accelerated
• All Attack-Modes except Brute-Force and Permutation can be extended by rules
• Very fast Rule-engine
• Rules compatible with JTR and PasswordsPro
• Possible to resume or limit session
• Automatically recognizes recovered hashes from outfile at startup
• Can automatically generate random rules
• Load saltlist from external file and then use them in a Brute-Force Attack variant
• Able to work in an distributed environment
• Specify multiple wordlists or multiple directories of wordlists
• Number of threads can be configured
• Threads run on lowest priority
• Supports hex-charset
• Supports hex-salt
• 80+ Algorithms implemented with performance in mind

Detailed documentation and command line switches can be found here – hashcat.

Download Hashcat v0.46

Read More

[Hash Console v1.5] All-in-one Command-line tool to generate hash md5, sha1, sha256, sha384, sha512, lm, ntlm, base64, crc32, rot13

Hash Console is the all-in-one command-line based tool to quickly generate more than 15 different type of hashes. It can generate hash for any given file or simple text.

Hashes or checksums are used for multiple purposes including file integrity verification, encryption, password storage etc. Hash Console help you easily and quickly quickly computing the hash for given file or text.

Currently it supports following popular hash types

• MD5 family (md2, md4, md5)
• SHA family (sha1, sha256, sha384, sha512)
• BASE64
• ROT13
• CRC32
• ADLER32
• HAVAL256
• LM
• NTLM
• RIPEMD160
• WHIRLPOOL

Being a command-line tool makes it ideal for automation and easy to use on remote systems.

 Download Hash Console v1.5

Read More