. Mad76e - Basic Hash Cracking

Basic Hash Cracking

Written by Mad76e

Dedicated to a group that use to be the Elite, but lost it due to

I'm your dream, make you real

I'm your eyes when you must steal

I'm your pain when you can't feel

Sad but true

I'm your dream, mind astray

I'm your eyes while you're away

I'm your pain while you repay

You know it's sad but true, sad but true

You, you're my mask

You're my cover, my shelter

You, you're my mask

You're the one who's blamed

Copyright 2016 by Mad76e

All rights reserved This book or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of the publisher except for the use of brief quotations in a book review or scholarly journal

First printing 2016

978-1-365-59988-0

Mad76e

Please note:

This book is written from a hackers perspective, language, value and ideas may not be the same as the authors

Never try to crack anything without the owners written approval. All of the content in this book is 100% legal to do as long as you have permit from the business owner / affected user and the administrator to do so, this include old dumps of databases thats already well known, you need permission to crack those as well. This book is NOT an invitation for you to commit crimes, also before doing anything its in your interest to check with your countries laws what applies

Introduction

This book is written to those who interested to learn basics of cracking, especially in and to use it to your favor to various hashes and Im doing it in the old fashion way inside just for you to get a grip about the With this book we targeting ethical hackers that already got permission from the owner / administrator / user to test their passwords. Also its a good reason for the administrator to check that he have set the right password policies.

Normally before a pentester do this, theres a legal document that both sides need to sign. In this document there are clear instructions about what we can do and what not to do, and this is very important. If breaking this written document the pentester might face heavy fines or jail time, its serious things at least in the

Now what is Hashcat, you may wonder? And the answer is that its a multi platform password recovery tool that will crack almost anything between SHA1 to your Bitcoin wallet. We will also use other tools in our way to crack our password / key, more about them

This book is all about cracking, which means that we trying to guess or brute force our hash to get the password with different attacks. We will use mask attack, hybrid attacks and wordlist attacks against different types of hashes, with or without

To run Hashcat you will need at least one or preferably more high end ATI or NVIDIA graphics card with PCI-express slots on the motherboard. Preferably we need an I7 CPU that supports OpenCL instructions (but that is no requirement), lets talk about that later. Back in the day there were types of one that was supported by the graphics drivers, called OclHashcat (ATI GPU version) or CudaHashcat (NVIDIA GPU version) and one without acceleration for CPU, called Hashcat. Well times tend to change things and now we got CPU with some lower type of graphics instructions integrated that made it possible to accelerate the speed at the CPU because of the Intel OpenCL runtime software which means that your CPU can work with OCL related without needing a GPU!! The crew that develop Hashcat decided to go with OpenCL, because the performance was better with OpenCL than the old way, so they changed the name of the product to just Hashcat. Nowadays both and newer are accelerated. You can choose to run both for best performance or just GPU. Both have its pros and cons. Older graphics cards are also supported in the new Hashcat 3.xx, however for some reason it delivers lesser speeds than old version 2.xx, so my recommendation is to stay with the old 2.01 if its possible. Same commands that are used here are working with older but you need to change the executable file from hashcat64.exe to oclhashcat64.exe as example

Now, just a reminder, running with only raw CPU power and get a couple of thousand k/s is rather stupid when we can do this much faster with modern software. Please, for your own sake avoid old and ineffective ways to crack hashes update to latest Hashcat and install OpenCL runtime. The difference is enormous if your CPU supports

Hardware

I figured it was time to take a closer look on the computer itself that we will be using to crack our hashes with. Im going to be very brief here. You will need a cracking server or a gaming computer with one or multiple GPUs (Graphical Processing Units) if you want to crack some of these hashes! If are running cracking without a graphics card you will discover that this can be a slow method compared to the other, depending on which hash you trying to crack, so we need to speed things up a bit. Now with a modern computer you can have up to or more graphics card installed on your motherboard. It all has to do how much youre willing to pay. My three graphics cards are slow compared to the standard but they get the job done, and that's what's More graphics cards or a faster graphics card plus a modern CPU will do the task much faster, however the cost will be I do recommend at least graphics cars to start

First of all, we need a computer chassis or a metal frame, and a motherboard that has one or at least PCIe sockets (PCI Express). The speed on the PCI-express really matter, because were never going to use the whole bandwidth We also need one or more end graphics cards as AMD or NVIDIA. And thats the expensive part. We need at least 4GB in ram, preferably 8GB in Desirable is 4GB ram per graphics + 4GB to the 64bit OS and perhaps the cheapest i7 or i5 CPU. We also need a hard drive just for the OS, and the wordlists, and we need raw power to keep the rig running, preferably one or two power supply units. here is a Corsair HX1000i which depends on how many graphic cards you are Its important to have a stable system, so leave at least 250watt to the system i.e. motherboard, CPU, hard drive, WiFi-stick etc. A high end graphics card usually wants around to watts each, depending on graphics model but its better to check that out for sure. Goggle the vendor and wattage the specific card draws with full

We also must talk about PCI-Express risers. A PCI-express riser is a cable between the motherboards PCI-express socket and the graphics card. The reason we use this is the problem with heat that occur when using multiple graphics cards. The motherboard cant breathe properly, and the temperature on the motherboard Remember that each graphics card can reach about 75-90 degree Celsius. To avoid trapping heat we can build a frame and lift the cards a bit the motherboard, just to make the air flow better, plus that you can have greater distance between the cards. Now theres powered risers and non-powered ones. I suggest that you use an USB powered riser that only carries data back to the motherboard, reason for doing this is to avoid back feeding when running with multiple power supply units that can damage the motherboard.