mirror of
https://github.com/brannondorsey/naive-hashcat.git
synced 2025-04-08 17:15:34 +02:00
Compare commits
No commits in common. "master" and "data" have entirely different histories.
2
.gitignore
vendored
2
.gitignore
vendored
@ -1,3 +1 @@
|
||||
dicts/rockyou.txt
|
||||
hashcat-src
|
||||
hashcat.pot
|
||||
|
||||
21
LICENSE
21
LICENSE
@ -1,21 +0,0 @@
|
||||
MIT License
|
||||
|
||||
Copyright (c) 2017 Brannon Dorsey <brannon@brannondorsey.com>
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
||||
@ -10,11 +10,8 @@ __DISCLAIMER: This software is for educational purposes only. This software shou
|
||||
git clone https://github.com/brannondorsey/naive-hashcat
|
||||
cd naive-hashcat
|
||||
|
||||
# if you are on MacOS/OSX, run this. If on linux or windows, skip...
|
||||
./build-hashcat-osx.sh
|
||||
|
||||
# download the 134MB rockyou dictionary file
|
||||
curl -L -o dicts/rockyou.txt https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt
|
||||
curl -o dicts/rockyou.txt
|
||||
|
||||
# cracks md5 hashes in hashcat-3.6.0/example0.hash by default
|
||||
./naive-hashcat.sh
|
||||
@ -57,7 +54,7 @@ To crack your hashes, pass this file as `HASH_FILE=hashes.txt` to the command be
|
||||
`naive-hashcat.sh` takes, at most, three parameters. All parameters are expressed using unix environment variables. The command below shows the default values set for each of the configurable environment variables that `naive-hashcat.sh` uses:
|
||||
|
||||
```bash
|
||||
HASH_FILE=hashcat-3.6.0/examples0.hash POT_FILE=hashcat.pot HASH_TYPE=0 ./naive-hashcat.sh
|
||||
HASH_FILE=hashcat-3.6.0/examples0.hash POT_FILE=hashcat.pot HASH_MODE=0 ./naive-hashcat.sh
|
||||
```
|
||||
|
||||
- `HASH_FILE` is a text file with one hash per line. These are the password hashes to be cracked.
|
||||
@ -342,4 +339,4 @@ Below is a list of hash-type codes supported by hashcat. If you don't know the t
|
||||
15600 | Ethereum Wallet, PBKDF2-HMAC-SHA256 | Password Managers
|
||||
15700 | Ethereum Wallet, SCRYPT | Password Managers
|
||||
99999 | Plaintext | Plaintext
|
||||
```
|
||||
```
|
||||
@ -1,12 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# clone the hashcat source
|
||||
git clone https://github.com/hashcat/hashcat.git hashcat-src
|
||||
|
||||
# clone the OpenCL headers
|
||||
mkdir -p hashcat-src/deps
|
||||
git clone https://github.com/KhronosGroup/OpenCL-Headers.git hashcat-src/deps/OpenCL
|
||||
|
||||
# build
|
||||
cd hashcat-src
|
||||
make
|
||||
@ -22,12 +22,12 @@ if __name__ == '__main__':
|
||||
args = parse_args()
|
||||
with open(args.accounts, 'r') as f:
|
||||
hash_to_username = { hsh: username for username, hsh in \
|
||||
[l.split(args.delimiter,1) for l in f.read().split('\n') \
|
||||
if len(l.split(args.delimiter,1)) > 1] }
|
||||
[l.split(args.delimiter) for l in f.read().split('\n') \
|
||||
if len(l.split(args.delimiter)) > 1] }
|
||||
# print(hash_to_username)
|
||||
with open(args.potfile, 'r') as f:
|
||||
hash_to_pw = { hsh: pw for hsh, pw in [l.split(':',1) for l in f.read().split('\n') \
|
||||
if len(l.split(':',1)) > 1]}
|
||||
hash_to_pw = { hsh: pw for hsh, pw in [l.split(':') for l in f.read().split('\n') \
|
||||
if len(l.split(':')) > 1]}
|
||||
|
||||
for hsh, username in hash_to_username.items():
|
||||
if hsh in hash_to_pw:
|
||||
|
||||
@ -5,53 +5,54 @@ POT_FILE="${POT_FILE:-hashcat.pot}"
|
||||
HASH_TYPE="${HASH_TYPE:-0}"
|
||||
# WEIGHT="${WEIGHT:-"medium"}" # light, medium, heavy
|
||||
|
||||
# check OSX
|
||||
if [ "$(uname)" == 'Darwin' ] ; then
|
||||
if [ -f hashcat-src/hashcat ] ; then
|
||||
HASHCAT="./hashcat-src/hashcat"
|
||||
else
|
||||
echo "You are running naive-hashcat on a MacOS/OSX machine but have not yet built the hashcat binary."
|
||||
echo "Please run ./build-hashcat-osx.sh and try again."
|
||||
exit 1
|
||||
fi
|
||||
# check Linux
|
||||
elif [ "$(uname)" == 'Linux' ] ; then
|
||||
if [ $(uname -m) == 'x86_64' ]; then
|
||||
HASHCAT="./hashcat-3.6.0/hashcat64.bin"
|
||||
else
|
||||
HASHCAT="./hashcat-3.6.0/hashcat32.bin"
|
||||
fi
|
||||
# check Windows
|
||||
elif [ "$(uname)" == 'MINGW64_NT-10.0' ] ; then
|
||||
if [ $(uname -m) == 'x86_64' ]; then
|
||||
HASHCAT="./hashcat-3.6.0/hashcat64.exe"
|
||||
else
|
||||
HASHCAT="./hashcat-3.6.0/hashcat32.exe"
|
||||
fi
|
||||
if [ $(uname -m) == 'x86_64' ]; then
|
||||
HASHCAT="./hashcat-3.6.0/hashcat64.bin"
|
||||
else
|
||||
HASHCAT="./hashcat-3.6.0/hashcat32.bin"
|
||||
fi
|
||||
|
||||
# LIGHT
|
||||
# DICTIONARY ATTACK-----------------------------------------------------------------------
|
||||
# begin with a _very_ simple and naive dictionary attack. This is blazing fast and
|
||||
# I've seen it crack ~20% of hashes
|
||||
"$HASHCAT" -m "$HASH_TYPE" -a 0 "$HASH_FILE" dicts/rockyou.txt --potfile-path "$POT_FILE"
|
||||
"$HASHCAT" -m "$HASH_TYPE" -a 0 "$HASH_FILE" dicts/rockyou.txt --potfile-path "$POT_FILE" --opencl-devices 2
|
||||
|
||||
# DICTIONARY ATTACK WITH RULES------------------------------------------------------------
|
||||
# now lets move on to a rule based attack, d3ad0ne.rule is a great one to start with
|
||||
"$HASHCAT" -m "$HASH_TYPE" -a 0 "$HASH_FILE" dicts/rockyou.txt -r hashcat-3.6.0/rules/d3ad0ne.rule --potfile-path "$POT_FILE"
|
||||
"$HASHCAT" -m "$HASH_TYPE" -a 0 "$HASH_FILE" dicts/rockyou.txt -r hashcat-3.6.0/rules/d3ad0ne.rule --potfile-path "$POT_FILE" --opencl-devices 2
|
||||
|
||||
# rockyou is pretty good, and not too slow
|
||||
"$HASHCAT" -m "$HASH_TYPE" -a 0 "$HASH_FILE" dicts/rockyou.txt -r hashcat-3.6.0/rules/rockyou-30000.rule --potfile-path "$POT_FILE"
|
||||
"$HASHCAT" -m "$HASH_TYPE" -a 0 "$HASH_FILE" dicts/rockyou.txt -r hashcat-3.6.0/rules/rockyou-30000.rule --potfile-path "$POT_FILE" --opencl-devices 2
|
||||
|
||||
|
||||
# MEDIUM
|
||||
# dive is a great rule file, but it takes a bit longer to run, so we will run it after d3ad0ne and rockyou
|
||||
"$HASHCAT" -m "$HASH_TYPE" -a 0 "$HASH_FILE" dicts/rockyou.txt -r hashcat-3.6.0/rules/dive.rule --potfile-path "$POT_FILE"
|
||||
"$HASHCAT" -m "$HASH_TYPE" -a 0 "$HASH_FILE" dicts/rockyou.txt -r hashcat-3.6.0/rules/dive.rule --potfile-path "$POT_FILE" --opencl-devices 2
|
||||
|
||||
# HEAVY
|
||||
# MASK ATTACK (BRUTE-FORCE)---------------------------------------------------------------
|
||||
"$HASHCAT" -m "$HASH_TYPE" -a 3 "$HASH_FILE" hashcat-3.6.0/masks/rockyou-1-60.hcmask --potfile-path "$POT_FILE"
|
||||
"$HASHCAT" -m "$HASH_TYPE" -a 3 "$HASH_FILE" hashcat-3.6.0/masks/rockyou-1-60.hcmask --potfile-path "$POT_FILE" --opencl-devices 2
|
||||
|
||||
# COMBINATION ATTACK----------------------------------------------------------------------
|
||||
# this one can take 12+ hours, don't use it by default
|
||||
# "$HASHCAT" -m "$HASH_TYPE" -a 1 "$HASH_FILE" dicts/rockyou.txt dicts/rockyou.txt --potfile-path "POT_FILE"
|
||||
# "$HASHCAT" -m "$HASH_TYPE" -a 1 "$HASH_FILE" dicts/rockyou.txt dicts/rockyou.txt --potfile-path "POT_FILE" --opencl-devices 2
|
||||
|
||||
# Session..........: hashcat
|
||||
# Status...........: Exhausted
|
||||
# Hash.Type........: MD5
|
||||
# Hash.Target......: hashcat-3.6.0/example0.hash
|
||||
# Time.Started.....: Sun Jul 9 22:28:27 2017 (12 hours, 24 mins)
|
||||
# Time.Estimated...: Mon Jul 10 10:53:06 2017 (6 secs)
|
||||
# Guess.Base.......: File (dicts/rockyou.txt), Left Side
|
||||
# Guess.Mod........: File (dicts/rockyou.txt), Right Side
|
||||
# Speed.Dev.#2.....: 4490.7 MH/s (6.68ms)
|
||||
# Recovered........: 4120/6494 (63.44%) Digests, 0/1 (0.00%) Salts
|
||||
# Recovered/Time...: CUR:0,13,N/A AVG:3,182,4372 (Min,Hour,Day)
|
||||
# Progress.........: 205701367493846/205730140143616 (99.99%)
|
||||
# Rejected.........: 2006/205701367493846 (0.00%)
|
||||
# Restore.Point....: 14343296/14343296 (100.00%)
|
||||
# Candidates.#2....: $HEX[3033323639346120627574746572666c79] -> $HEX[042a0337c2a156616d6f732103042a0337c2a156616d6f732103]
|
||||
# HWMon.Dev.#2.....: Temp: 77c Fan: 85% Util: 95% Core:1911MHz Mem:3802MHz Bus:8
|
||||
|
||||
# Started: Sun Jul 9 22:28:27 2017
|
||||
# Stopped: Mon Jul 10 10:53:01 2017
|
||||
Loading…
x
Reference in New Issue
Block a user