An example of bruteforcing a password hash.
Create a file with the password hash with the following:
$1$GTN.gpri$DlSyKvZKMR9A9Uj9e9wR3/
$ hashcat --force -a 3 -1 ?l -m 500 hash.txt ?1?1?1?1admin
Create a file with the password hash with the following:
$1$GTN.gpri$DlSyKvZKMR9A9Uj9e9wR3/
I had to use --force to get it to work on my VM.
Attack type, bruteforce=3 : -a 3
Set the variable for the mask attack, we using just lower case letters: -1 ?l
md5 crypt $1$ : -m 500
hash file: hash.txt
mask to use (know the password uses admin): ?1?1?1?1admin
$1$GTN.gpri$DlSyKvZKMR9A9Uj9e9wR3/:sohoadmin
Session..........: hashcat
Status...........: Cracked
Hash.Type........: md5crypt, MD5 (Unix), Cisco-IOS $1$ (MD5)
Hash.Target......: $1$GTN.gpri$DlSyKvZKMR9A9Uj9e9wR3/
Time.Started.....: Fri Mar 27 14:29:09 2020 (16 secs)
Time.Estimated...: Fri Mar 27 14:29:25 2020 (0 secs)
Guess.Mask.......: ?1?1?1?1admin [9]
Guess.Charset....: -1 ?l, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 1/1 (100.00%)
Speed.Dev.#1.....: 3752 H/s (8.30ms) @ Accel:256 Loops:125 Thr:1 Vec:8
Recovered........: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.........: 60160/456976 (13.16%)
Rejected.........: 0/60160 (0.00%)
Restore.Point....: 2304/17576 (13.11%)
Candidates.#1....: sdseadmin -> syzmadmin
HWMon.Dev.#1.....: N/A
$ hashcat --show -m 500 hash.txt
$1$GTN.gpri$DlSyKvZKMR9A9Uj9e9wR3/:sohoadmin
Labels: hashcat, useful-commands
Post a Comment