Hashcat

Usage

# MD5 (-m 0) and bcrypt (-m 3200), straight dictionary attack (-a 0)
hashcat -m 0 -a 0 /root/hashes/hashes.txt /root/rockyou.txt
hashcat64.exe -m 3200 -a 0 C:\Users\user1\Documents\hash.txt C:\Users\user1\Documents\rockyou.txt

# KeePass (-m 13400)
hashcat64.exe -m 13400 -a 0 /root/hashes/hashes.txt /root/rockyou.txt

# benchmark tests
hashcat -b

Simple dictionary

# MD5, straight mode, simple dictionary attack
hashcat -m 0 -a 0 -D2 example.hash example.dict

Rule-based attack

A rule specifies how each wordlist entry is modified before it is tried, modelling a certain habit or behavior. You can design your own rules.

# custom.rule
cat custom.rule
l
u
c
r
$1
$2
$3
[
]
^1


# providing custom rule
hashcat -m 0 -a 0 -D2 example.hash example.dict -r custom.rule

Statistics show which rules are more effective when cracking against a huge leaked password database.
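What each line of custom.rule does to a word, as an added Python example (not hashcat's code and not from the original page): a small interpreter for those ten rules, used the way a password-policy check would, to flag a password that is one rule away from a blocklisted word. The function names and the blocklist are constructed for illustration.

```python
# Added example: interpreter for the single-function rules in custom.rule,
# applied as a defensive blocklist check. Names and sample data are constructed.

CUSTOM_RULES = ["l", "u", "c", "r", "$1", "$2", "$3", "[", "]", "^1"]

def apply_rule(rule: str, word: str) -> str:
    """Apply one rule line to a word."""
    if rule == "l":                      # lowercase every letter
        return word.lower()
    if rule == "u":                      # uppercase every letter
        return word.upper()
    if rule == "c":                      # capitalize first letter, lowercase the rest
        return word[:1].upper() + word[1:].lower()
    if rule == "r":                      # reverse the word
        return word[::-1]
    if rule == "[":                      # delete the first character
        return word[1:]
    if rule == "]":                      # delete the last character
        return word[:-1]
    if len(rule) == 2 and rule[0] == "$":  # append the given character
        return word + rule[1]
    if len(rule) == 2 and rule[0] == "^":  # prepend the given character
        return rule[1] + word
    raise ValueError(f"unsupported rule: {rule!r}")

def candidates(word, rules=CUSTOM_RULES):
    """Map every candidate generated from `word` to the first rule producing it."""
    out = {}
    for rule in rules:
        out.setdefault(apply_rule(rule, word), rule)
    return out

def find_derivation(password, base_words, rules=CUSTOM_RULES):
    """Return (base_word, rule) if `password` is one rule away from a base word."""
    for base in base_words:
        rule = candidates(base, rules).get(password)
        if rule is not None:
            return base, rule
    return None

# Constructed sample blocklist and passwords to evaluate.
BLOCKLIST = ["password", "summer", "Dragon"]

if __name__ == "__main__":
    for pw in ["Password", "summer1", "1summer", "nogarD", "c0rrect-h0rse"]:
        print(f"{pw!r:18} -> {find_derivation(pw, BLOCKLIST)}")
```

A password that matches here falls to the dictionary plus this rule file in at most ten guesses per base word, which is why a policy check should reject it even when it is not itself in the wordlist.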

Mask Attack

Tries all combinations from a given keyspace, just like a brute-force attack, but more specific.

E.g. to crack a 5-letter password, the mask needs 5 placeholders, one per character.

# 8-character mask: 7 lowercase letters '?l', then one character from the full set '?a'
hashcat -m 0 -a 3 example.hash ?l?l?l?l?l?l?l?a
