Password Cracking

Focused on real-world cracking during exams.

Cracking MD5 / SHA1 Hashes

Run the hash against rockyou.txt first to see whether the password is in the default wordlist. Mode -m 0 is MD5; for SHA1 use -m 100.

hashcat -m 0 hash.txt /usr/share/wordlists/rockyou.txt --force

Rule-Based Attack with Hashcat

Mutate wordlist entries to match password policies (digits, caps, symbols).

hashcat -m 0 hash.txt rockyou.txt -r demo.rule --force

Writing demo.rule (for Hashcat Rule-Based Attacks)

You want to mutate existing passwords to match common policies (e.g., capital letter, number, symbol).

# Sample demo.rule content (the annotations are explanatory; the file created below holds only the rules)
c        # Capitalize first letter (e.g., password → Password)
$1       # Append 1 (e.g., Password → Password1)
$!       # Append ! (e.g., Password1 → Password1!)
^@       # Prepend @ (e.g., @Password1!)

# Create it (single quotes stop the shell from expanding $1 and $!):
printf '%s\n' 'c' '$1' '$!' '^@' > demo.rule

# Use it
hashcat -m 0 hash.txt wordlist.txt -r demo.rule --force

# Each line of a rule file is applied on its own to every word.
# Chain functions on one line to apply them together:
c$1$!     # Capitalize, append 1, then append !
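
The check below is an added example, not part of the original page or of hashcat: a small Python model of the rule functions used in demo.rule (plus `:`, `l` and `u`), applied from the defender's side to test whether a proposed password is only a deny-listed word run through these rules. It also shows the difference between the four-line demo.rule and the chained one-line form. The deny-list, function names and sample passwords are constructed for illustration.

```python
# Added example: minimal model of the hashcat rule functions used on this page.
# Only ':', 'l', 'u', 'c', '$X' and '^X' are handled; anything else raises.

def apply_rule(rule: str, word: str) -> str:
    """Apply one rule line (functions run left to right) to one word."""
    i = 0
    while i < len(rule):
        op = rule[i]
        if op in " :":            # space separates functions, ':' is a no-op
            pass
        elif op == "l":
            word = word.lower()
        elif op == "u":
            word = word.upper()
        elif op == "c":           # capitalize first char, lowercase the rest
            word = word[:1].upper() + word[1:].lower()
        elif op in "$^":          # append / prepend the character that follows
            if i + 1 >= len(rule):
                raise ValueError(f"rule {rule!r}: {op} needs a character")
            i += 1
            word = word + rule[i] if op == "$" else rule[i] + word
        else:
            raise ValueError(f"rule {rule!r}: unsupported function {op!r}")
        i += 1
    return word


def candidates(words, rules):
    """Every rule line is applied on its own to every word."""
    return {apply_rule(r, w) for w in words for r in rules}


def is_guessable(password, words, rules):
    """True if the password is a deny-listed word mutated by one of the rules."""
    return password in candidates(words, rules)


# Constructed sample data (not taken from any real wordlist).
DENYLIST = ["password", "summer", "welcome"]
DEMO_RULE = ["c", "$1", "$!", "^@"]      # the four-line demo.rule
CHAINED_RULE = ["c$1$!"]                 # the one-line chained form

if __name__ == "__main__":
    for pw in ["Password", "@welcome", "Summer1!", "tr0ub4dor&3"]:
        print(pw, is_guessable(pw, DENYLIST, DEMO_RULE),
              is_guessable(pw, DENYLIST, CHAINED_RULE))
```

A password-change filter can call `is_guessable` with the organization's deny-list and the rule set it expects attackers to use, and reject any match.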


Brute-Force Attack

Try every combination of a given length. The mask below is five positions of ?a, which covers lowercase, uppercase, digits and symbols.

hashcat -m 0 hash.txt -a 3 ?a?a?a?a?a --force

Crack KeePass .kdbx Database

Extract hash using keepass2john and crack with hashcat.


Crack SSH Private Key Passphrase

Convert with ssh2john and crack with John or Hashcat (if supported).


Crack NTLM Hashes

Mode -m 1000 for NTLM hashes.


Crack Net-NTLMv2 Hashes

Captured via responder or relays; use mode -m 5600.


Crack bcrypt (mode 3200)

Used in some CMS platforms or modern Linux user hashes.


Crack ZIP File Passwords

Convert ZIP to hash using zip2john and crack it.


Crack PDF File Passwords

Convert PDF to hash using pdf2john and crack with hashcat.


Pass-the-Hash (NTLM SMB / WinRM)

Use valid hash to authenticate without cracking.
