This is a guide to installing hashcat on a windows 10 build. Hashcat allows for the use of GPUs to crack hashes which is significantly faster then within a VM and/or using a CPU alone.
Legal Usage: The information provided by executeatwill and this website is to be used for educational purposes only. The website creator and/or editor is in no way responsible for any misuse of the information provided. All the information on this website is meant to help the reader develop penetration testing and vulnerability aptitude to prevent attacks discussed. In no way should you use the information to cause any kind of damage directly or indirectly. Information provided by this website is to be regarded from an “ethical hacker” standpoint. Only preform testing on systems you OWN and/or have expressed written permission. Use information at your own risk.
By continued reading, you acknowledge the aforementioned user risk/responsibilities.
Keep in mind by using your GPU the faster the clock speed the faster it will crack hashes. Understand with increased speed comes increased heat. Our goal should be to ensure we control the heat being generated from large password lists to which I recommend MSI Afterburner.
(recommended) - MSI Afterburner can be used to monitor/overclock GPUs and is found at:
https://www.msi.com/page/afterburner
First head over to: https://hashcat.net/hashcat/
download the hashcat binaries - link
extract hashcat-5.1.0
inside the directory create x2 text files:
1 |
|
within the hash.txt - add hashes you would like to crack. within the cracked.txt - you should have cracked hashes append here.
Testing a MD5 hash create a quick MD5 hash at: http://www.miraclesalad.com/webtools/md5.php
1 |
|
or within Kali:
1 |
|
Place the newly generated hash into the hash.txt file and save
Open command prompt as Administrator
change directory and navigate to hashcat directory.
Hashcat Help file - Quick Reference
1 |
|
Brute Force Attacking:
1 |
|
-m0 = MD5 hashes -a5 = Attack type: Brute forcing -o = output file
execute
in my case I have x1 GTX 1070 for cracking.
After a few seconds MD5 is cracked
In this example it took 10s to crack this MD5 hash using brute force with x1 GTX 1070.
Hashcat GUI For a bit easier user experience I recommend checking out Hashcat GUI.
Download: https://hashkiller.co.uk/hashcat-gui.aspx
Setup: Start by downloading the HashcatGUI_1.1beta0.zip from above website.
We are going to need to extract the zip and copy all the contents from the orginal hashcat into GUI directory.
files from hashcat folder were pasted into GUI folder.
inside same GUI folder create a new folder called wordlists
where are you going to find wordlists you ask? Lets checkout SecLists on github: https://github.com/danielmiessler/SecLists
hashkiller download section also has an frequently updated password list: https://hashkiller.co.uk/downloads.aspx
Starting Hashcat GUI Locate and run HashcatGUI.exe
add wordlists under Wordlist tab
configure the input file to the hash.txt and the output file to the cracked.txt. untick “Disabled Pot File” untick “CPU only” change Format: Plain change Hashcat Path
configured in my case to crack MD5 hashes.
to run Click “I”m a HashKiller”