Hashcat is an industry standard tool for password cracking. It receives updates on a regular basis and supports a large number of hash types. Plus it’s fast, and is often getting new optimizations for different hashing algorithms. A simple and effective method for using hashcat is with a dictionary and ruleset. The ruleset defines mutations which will be applied to each dictionary word. Sample CLI input is:

hashcat -m <hashtype> -r <path_to_rules> <path_to_hashes> <path_to_wordlist>

From the above command we see that we need four things (in this order):

  • hashtype
  • rules file
  • hash file
  • dictionary

Some dictionaries and rulesets that are effective are:

dicationaries

rulesets

Play around with combinations of wordlist + ruleset to get your desired results. To run an increasingly exhaustive cracking job we can do the following:

hashcat -m 1000 -r rules/best64.rule rockyou.txt
hashcat -m 1000 -r rules/d3adhob0.rule rockyou.txt
hashcat -m 1000 -r rules/_NSAKEY.v2.dive.rule rockyou.txt
hashcat -m 1000 -r rules/best64.rule crackstation-human-only.txt
hashcat -m 1000 -r rules/d3adhob0.rule crackstation-human-only.txt
hashcat -m 1000 -r rules/_NSAKEY.rule crackstation-human-only.txt

You might want to combine some rulesets to avoid any duplicate cracking attempts. Advanced hashcat users should consider developing their own rulesets and masks for higher priority cracking jobs.