Hashcat setup on linux os and its usage

Pranaam to all bhai ji _/\_
Today we will learn how to use 'hashcat' on linux system if you dont have it on your system by-default or it is out dated :)
her is manual process to make it working on your system ;)
lets start
first of all we need latest copy of hashcat from its website
website link is http://hashcat.net/ and here is the hashcat download page

ok , wget it on your system
i am downloading it to /icalab directory , on download completion you will get a .7z file for hashcat coe

to extract this archive , system should have 7zip utility installed , if you dont have it on your system
install it by running command
 yum install p7zip  (for fedora,redhat and centos)

apt-get install p7zip  (for ubuntu based systems)

i am using centos , so i have installed 7zip using yum

now extract hashcat.7z file
command is
7za x  file.7z
here file.7z is the 7z compressed file of hashcat code and its name is hahscat-0.47.7z
so command will be
7za x hashcat-0.47.7z

you will get a directory with same name as your .7z file  (mine compressed archive name is hashcat-0.47.7z so directory will be created with name hashcat-0.47)

enter in that directory and have a look at its content

you will find hashcat binary code for different-different platforms .
i am using linux and its hardware support 32 bit binary , so i will use  hashcat-cli32.bin  for running hashcat :)
if you are using linux OS having hardware for 64 bit support, hen you will have to use hashcat-cli64.bin file .
if you are on windows OS , select binary hashcat-cli32.exe or hashcat-cli64.exe (according to your machine hardware support).
as i executed ./hashcat-cli32.bin file , it showed , how i need to pass option and arguments to run hashcat
this is our main file .

ok :)
now i am renaming hashcat code directory from hashcat-0.47 to hashcat (no reason for it but it annoys me :P )

ok , now main step comes :)
we will create command for hashcat , means as we will type hashcat in shell terminal, shell will understand it and will execute out hashcat binary file
how???????? lets start :)
for detail , read this article http://www.mannulinux.org/2013/07/linux-shell-terminal.html
as we know, when ever we type a command in shell and try to execute it, linux shell search that command in some specific directories (read above article for deep detail).
/bin , /usr/bin are the such directories which contains command binary
here are following directories where shell search for command when we try to execute a command in linux

type command echo $PATH and shell will print possible directories where shell search for command
i am using /bin directory , where i will put
code for hashcat command is

echo -e "            //////////////////////////////////////////"
echo -e "            #    Hashcat binary executing script     #"
echo -e "            # -=[ with Love from Team IndiShell ]=-  #"
echo -e "            //////////////////////////////////////////"


# Execute commands
exec $CMD  "$@"

Note :- please have a look on this line of code
this is an important line because it tells that our hashcat code is in directory /icalab/hashcat and binary that has to use is hashcat-cli32.bin (in line CMD='./hashcat-cli32.bin')
if you have your hashcat code in directory having name /lab/hashcat , your system hardwar supports 64 bit binary , in that case you will have to change following 2 lines to make hashcat working on your system

chnage line  
and line 

rest of the code will remain same.
copy this code and save in a file having name  hashcat
copy file hashcat to directory  /bin
 run command  which hashcat and make sure, shell is recognizing it

ok , shell is recognizing hashcat command ^_^
lets start how to use it :)
hashcat need 2 paramaters

hashcat  [options]  hashfile
hashcat  [options]  hashfile password list

hashcat is the hashcat command
options are the options which you need to specify to operate hashcat and tell it to what actually hashcat has to do
like , what kind of attack we will use, what type of hashes we want to crack and many more

you can get full list of  options for hashcat on this page
or run command
hashcat --help

ok i am going to show you how to use hashcat and crack hash , i have md5 hash i a file md5hash.txt whose plain text is admin
i have a dictionary with name passwords.txt

so lets start with hash cracking using dictionary
hash is simple md5 , attack mode is simple dictionary attack , hash file name is md5hash.txt and dictionary name is passwords.txt
so command will be
hashcat  -a 0  -m 0  md5hash.txt  passwords.txt
-a 0   stands for attack mode (-a)  is simple (0)
-m 0 stands for hash type (-m) is md5 (0)

ok lets start XD

if your dictionary has plain password for the hash, you will get success message like this

ok lets start with brute forcing mode ;)
for brute forcing mode we will need to supply hash cracking method, hash type, password minimum length, password maximum length, hash file , character set and show option
hash cracking mode in brute force that is -a 3
hash type is md5 , so -m 0
character set , which tells what type of  character we want to include in brute forcing
 Built-in charsets:

   ?l = abcdefghijklmnopqrstuvwxyz
   ?d = 0123456789
   ?s =  !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
   ?a = ?l?u?d?s
like i want to use only lower case alphabets 
for that i need to add ?l in options
i am setting password minimum length to 4 and maximum length to 7
       --pw-min=NUM                  Password-length minimum
       --pw-max=NUM                  Password-length maximum

--show is for showing cracked hashes only 
if hash got cracked , --show will print that hash with its plain password

final command will be like this 

hashcat -a 0 -m 0 --pw-min=4 --pw-max=7 md5hash.txt ?l  --show

note:- ?l option should be used after hash file name else it will through an error :P

ok hashcat is ready, press enter and wait :) , if hash is weak, you will get success result soon :)
like this

this is how you can use hashcat for cracking hashes
lets have en example with joomla hash too :)
if you are using dictionary for cracking hash , hash cracking mode will be -a 0
hash type will be -m 11
for more info , see  "Specific hash types and * Hash types" section on page http://hashcat.net/wiki/doku.php?id=hashcat

command will be
hashcat -a 0 -m 11 hashfile.txt  dictionary.txt
-a 0  shows that hash cracking mode is simple
-m 11 represent hash type is joomla
hashfile.txt  is the file which contain joomla hash
dictionary.txt is the password dictionary

lets go ;)

and start XD

lets crack joomla hash with bute forcing

this is how we use hashcat :)
This tutorial was setting up hashcat on linux OS and i gave a short usage intro about it :)
Thank you

Greetz to :- Guru ji Zero , code breaker ica, Aasim shaikh,Reborn, Raman kumar rana,INX_r0ot,Darkwolf indishell, Chinmay Pandya,L0rd Crus4d3r,Hackuin ,Silent poison India,Magnum sniper,Atul Dwivedi,ethicalnoob Indishell,Local root indishell,Irfninja indishell Hardeep bhai,Mannu,Viki and AR AR bhai ji <3

Share this post


  1. I have one question please, what is command to use passwords.txt on .cap file but only words with length is longer than 8 and smaller than 10 ? Thank you.


:) :-) :)) =)) :( :-( :(( :d :-d @-) :p :o :>) (o) [-( :-? (p) :-s (m) 8-) :-t :-b b-( :-# =p~ :-$ (b) (f) x-) (k) (h) (c) cheer

© 2009 Start With Linux | Mannu Linux
Designed by cyb3r.gladiat0r
Posts RSSComments RSS
Back to top