13 November 2013 | 4,519 views

hashcat – Multi-Threaded Password Hash Cracking Tool

Prevent Network Security Leaks with Acunetix

hashcat claims to be the world’s fastest CPU-based password recovery tool, while not as fast as GPU powered hash brute forcing (like CUDA-Multiforcer), it is still pretty fast.

hashcat was written somewhere in the middle of 2009. Yes, there were already close-to-perfect working tools supporting rule-based attacks like “PasswordsPro”, “John The Ripper”. However for some unknown reason, both of them did not support multi-threading. That was the only reason to write hashcat: To make use of the multiple cores of modern CPUs.

Granted, that was not 100% correct. John the Ripper already supported MPI using a patch, but at that time it worked only for Brute-Force attack. There was no solution available to crack plain MD5 which supports MPI using rule-based attacks.

Hashcat, from its first version, v0.01, was called “atomcrack”. This version was very poor, but at least the MD5 kernel was written in assembler utilizing SSE2 instructions and of course it was multi-threaded. It was a simple dictionary cracker, nothing more. But it was fast. Really fast. Some guys from the scene become interested in it and after one week there were around 10 beta testers. Everything worked fine and so requests for more algorithm types, a rule-engine for mutation of dictionaries, a windows version and different attack modes were added. These developments took around half a year, and were completely non-public.

hashcat - multi-thread password cracker

Features

  • Multi-Threaded
  • Multi-Hash (up to 24 million hashes)
  • Multi-OS (Linux, Windows and OSX native binaries)
  • Multi-Algo (MD4, MD5, SHA1, DCC, NTLM, MySQL, …)
  • SSE2, AVX and XOP accelerated
  • All Attack-Modes except Brute-Force and Permutation can be extended by rules
  • Very fast Rule-engine
  • Rules compatible with JTR and PasswordsPro
  • Possible to resume or limit session
  • Automatically recognizes recovered hashes from outfile at startup
  • Can automatically generate random rules
  • Load saltlist from external file and then use them in a Brute-Force Attack variant
  • Able to work in an distributed environment
  • Specify multiple wordlists or multiple directories of wordlists
  • Number of threads can be configured
  • Threads run on lowest priority
  • Supports hex-charset
  • Supports hex-salt
  • 80+ Algorithms implemented with performance in mind

You can download hashcat here:

hashcat-0.46.7z

Detailed documentation and command line switches can be found here – hashcat.

Or read more here.



Recent in Hacking Tools:
- iSniff-GPS – Passive Wifi Sniffing Tool With Location Data
- masscan – The Fastest TCP Port Scanner
- drozer – The Leading Security Testing Framework For Android

Related Posts:
- HashTag – Password Hash Type Identification (Identify Hashes)
- PACK – Password Analysis & Cracking Kit
- Pipal – Password Analyzer Tool

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,870,678 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,061,679 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 625,346 views

Advertise on Darknet

Comments are closed.