Supriya Ghosh (Editor)

Hashcat

Updated on
Edit
Like
Comment
Share on FacebookTweet on TwitterShare on LinkedInShare on Reddit
Developer(s)
  
Jens 'atom' Steube

Operating system
  
Cross-platform

License
  
MIT License

Development status
  
Active

Type
  
Password cracking

Stable release
  
3.40 / 3 March 2017; 9 days ago (2017-03-03)

Hashcat is the self-proclaimed world’s fastest CPU-based password recovery tool. It is released as free software (it had a proprietary codebase until 2015). Versions are available for Linux, OS X, and Windows and can come in CPU-based or GPU-based variants. Examples of hashcat supported hashing algorithms are Microsoft LM hashes, MD4, MD5, SHA-family, Unix Crypt formats, MySQL, Cisco PIX.

Contents

Hashcat has made its way into the news many times for the optimizations and flaws discovered by its creator, which become exploited in subsequent hashcat releases. (For example, the flaw in 1Password's password manager hashing scheme.)

Variants

Hashcat used to come in two main variants:

  • Hashcat - A CPU-based password recovery tool
  • oclHashcat/cudaHashcat - A GPU-accelerated tool (OpenCL or CUDA)
  • With the release of hashcat v3.00 the GPU and CPU tools were merged into a single tool called hashcat v3.00. hashcat the CPU only version became hashcat-legacy.

    Many of the algorithms supported by hashcat-legacy can be cracked in a shorter time by using the well-documented GPU acceleration leveraged in oclHashcat, cudaHashcat and hashcat v3.00(such as MD5, SHA1, and others). However, not all algorithms can be accelerated by leveraging GPUs. Bcrypt is a good example of this. Due to factors such as data-dependent branching, serialization, and memory (to name just a few), oclHashcat/cudaHashcat weren't catchall replacements for hashcat-legacy.

    hashcat-legacy is available for Linux, OSX and Windows. oclHashcat/cudaHashcat is only available for Linux and Windows due to improper implementations in OpenCL on OSX. . hashcat is available for OSX, Windows, and Linux with GPU, CPU and generic OpenCL support which allows for FPGA's and other accelerator cards.

    Sample output

    $ ./hashcat-cli64.bin examples/A0.M0.hash examples/A0.M0.word Initializing hashcat v0.47 by atom with 8 threads and 32mb segment-size... Added hashes from file examples/A0.M0.hash: 102 (1 salts) NOTE: press enter for status-screen --- Output Omitted --- All hashes have been recovered Input.Mode: Dict (examples/A0.M0.word) Index.....: 1/1 (segment), 102 (words), 2769 (bytes) Recovered.: 102/102 hashes, 1/1 salts Speed/sec.: - plains, - words Progress..: 102/102 (100.00%) Running...: --:--:--:-- Estimated.: --:--:--:-- Started: Tue Dec 10 18:07:54 2013 Stopped: Tue Dec 10 18:07:54 2013

    Attack types

    Hashcat offers multiple attack modes for obtaining effective and complex coverage over a hash's keyspace. These modes are:

  • Brute-Force attack
  • Combinator attack
  • Dictionary attack
  • Fingerprint attack
  • Hybrid attack
  • Mask attack
  • Permutation attack
  • Rule-based attack
  • Table-Lookup attack
  • Toggle-Case attack
  • PRINCE attack (in CPU version 0.48 and higher only)
  • The traditional bruteforce attack is considered outdated, and the Hashcat core team recommends the Mask-Attack as a full replacement.

    Competitions

    Team Hashcat (the official team of the Hashcat software composed of core Hashcat members) won first place in the KoreLogic "Crack Me If you Can" Competitions at DefCon in 2010, 2012, 2014 and 2015.

    References

    Hashcat Wikipedia