练习有关使用hashcat的小习题
CrackTheHash
会用到的网站:
crackonline
hashcat_mode
Task1
1 MD5
hash-identifier:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50
| HASH: 48bb6e862e54f2a795ffc4e541caed4d
Possible Hashs: [+] MD5 [+] Domain Cached Credentials - MD4(MD4(($pass)).(strtolower($username)))
Least Possible Hashs: [+] RAdmin v2.x [+] NTLM [+] MD4 [+] MD2 [+] MD5(HMAC) [+] MD4(HMAC) [+] MD2(HMAC) [+] MD5(HMAC(Wordpress)) [+] Haval-128 [+] Haval-128(HMAC) [+] RipeMD-128 [+] RipeMD-128(HMAC) [+] SNEFRU-128 [+] SNEFRU-128(HMAC) [+] Tiger-128 [+] Tiger-128(HMAC) [+] md5($pass.$salt) [+] md5($salt.$pass) [+] md5($salt.$pass.$salt) [+] md5($salt.$pass.$username) [+] md5($salt.md5($pass)) [+] md5($salt.md5($pass)) [+] md5($salt.md5($pass.$salt)) [+] md5($salt.md5($pass.$salt)) [+] md5($salt.md5($salt.$pass)) [+] md5($salt.md5(md5($pass).$salt)) [+] md5($username.0.$pass) [+] md5($username.LF.$pass) [+] md5($username.md5($pass).$salt) [+] md5(md5($pass)) [+] md5(md5($pass).$salt) [+] md5(md5($pass).md5($salt)) [+] md5(md5($salt).$pass) [+] md5(md5($salt).md5($pass)) [+] md5(md5($username.$pass).$salt) [+] md5(md5(md5($pass))) [+] md5(md5(md5(md5($pass)))) [+] md5(md5(md5(md5(md5($pass))))) [+] md5(sha1($pass)) [+] md5(sha1(md5($pass))) [+] md5(sha1(md5(sha1($pass)))) [+] md5(strtoupper(md5($pass))) --------------------------------------------------
|
1 2
| $ hashcat -m 0 48bb6e862e54f2a795ffc4e541caed4d /rockyou.txt --force 48bb6e862e54f2a795ffc4e541caed4d:easy
|
2 SHA1
hash-identifier:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34
| HASH: CBFDAC6008F9CAB4083784CBD1874F76618D2A97
Possible Hashs: [+] SHA-1 [+] MySQL5 - SHA-1(SHA-1($pass))
Least Possible Hashs: [+] Tiger-160 [+] Haval-160 [+] RipeMD-160 [+] SHA-1(HMAC) [+] Tiger-160(HMAC) [+] RipeMD-160(HMAC) [+] Haval-160(HMAC) [+] SHA-1(MaNGOS) [+] SHA-1(MaNGOS2) [+] sha1($pass.$salt) [+] sha1($salt.$pass) [+] sha1($salt.md5($pass)) [+] sha1($salt.md5($pass).$salt) [+] sha1($salt.sha1($pass)) [+] sha1($salt.sha1($salt.sha1($pass))) [+] sha1($username.$pass) [+] sha1($username.$pass.$salt) [+] sha1(md5($pass)) [+] sha1(md5($pass).$salt) [+] sha1(md5(sha1($pass))) [+] sha1(sha1($pass)) [+] sha1(sha1($pass).$salt) [+] sha1(sha1($pass).substr($pass,0,3)) [+] sha1(sha1($salt.$pass)) [+] sha1(sha1(sha1($pass))) [+] sha1(strtolower($username).$pass) --------------------------------------------------
|
1 2
| $ hashcat -m 100 CBFDAC6008F9CAB4083784CBD1874F76618D2A97 rockyou.txt --force cbfdac6008f9cab4083784cbd1874f76618d2a97:password123
|
3 SHA-256
hash-identifier:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
| HASH: 1C8BFE8F801D79745C4631D09FFF36C82AA37FC4CCE4FC946683D7B336B63032
Possible Hashs: [+] SHA-256 [+] Haval-256
Least Possible Hashs: [+] GOST R 34.11-94 [+] RipeMD-256 [+] SNEFRU-256 [+] SHA-256(HMAC) [+] Haval-256(HMAC) [+] RipeMD-256(HMAC) [+] SNEFRU-256(HMAC) [+] SHA-256(md5($pass)) [+] SHA-256(sha1($pass)) --------------------------------------------------
|
1 2 3
| $ hashcat -m 1400 1C8BFE8F801D79745C4631D09FFF36C82AA37FC4CCE4FC946683D7B336B63032 rockyou.txt --force
1c8bfe8f801d79745c4631d09fff36c82aa37fc4cce4fc946683d7b336b63032:letmein
|
4 bcrypt
hash-identifier:
1 2 3
| HASH: $2y$12$Dwt1BZj6pcyc3Dy1FWZ5ieeUznr71EeNkJkUlypTsgbX1H68wsRom
Not Found.
|
经过google之后发现这是bcrypt
1 2
| $ hashcat -m 3200 1.txt rockyou.txt --force $2y$12$Dwt1BZj6pcyc3Dy1FWZ5ieeUznr71EeNkJkUlypTsgbX1H68wsRom:bleh
|
5 MD4
hash-identifier:
1 2 3 4 5 6 7 8 9 10 11
| HASH: 279412f945939ba78ce0758d3fd83daa
Possible Hashs: [+] MD5 [+] Domain Cached Credentials - MD4(MD4(($pass)).(strtolower($username)))
Least Possible Hashs: [+] RAdmin v2.x [+] NTLM [+] MD4 [+] MD2
|

Task 2
1 SHA-256
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
| HASH: F09EDCB1FCEFC6DFB23DC3505A882655FF77375ED8AA2D1C13F640FCCC2D0C85
Possible Hashs: [+] SHA-256 [+] Haval-256
Least Possible Hashs: [+] GOST R 34.11-94 [+] RipeMD-256 [+] SNEFRU-256 [+] SHA-256(HMAC) [+] Haval-256(HMAC) [+] RipeMD-256(HMAC) [+] SNEFRU-256(HMAC) [+] SHA-256(md5($pass)) [+] SHA-256(sha1($pass)) --------------------------------------------------
|
1 2 3
| $ hashcat -m 1400 F09EDCB1FCEFC6DFB23DC3505A882655FF77375ED8AA2D1C13F640FCCC2D0C85 /rockyou.txt --force
f09edcb1fcefc6dfb23dc3505a882655ff77375ed8aa2d1c13f640fccc2d0c85:paule
|
2 NTLM
1 2 3 4 5 6 7 8 9
| HASH: 1DFECA0C002AE40B8619ECF94819CC1B
Possible Hashs: [+] MD5 [+] Domain Cached Credentials - MD4(MD4(($pass)).(strtolower($username)))
Least Possible Hashs: [+] RAdmin v2.x [+] NTLM
|
1 2
| $ hashcat -m 1000 1DFECA0C002AE40B8619ECF94819CC1B rockyou.txt --force 1dfeca0c002ae40b8619ecf94819cc1b:n63umy8lkf4i
|
3 Linux sha512crypt
hash-info
1 2 3 4 5
| Hash: $6$aReallyHardSalt$6WKUTqzq.UQQmrm0p/T7MPpMbGNnzXPMAXi4bJMl9be.cfi3/qxIf.hsGpS41BqMhSrHVXgMpdjS6xeKZAs02.
Salt: aReallyHardSalt
Rounds: 5
|
1 2
| $hashcat -m 1800 1.hash /rockyou.txt --force $6$aReallyHardSalt$6WKUTqzq.UQQmrm0p/T7MPpMbGNnzXPMAXi4bJMl9be.cfi3/qxIf.hsGpS41BqMhSrHVXgMpdjS6xeKZAs02.:waka99
|
4 HMAC-SHA1
看提示才知道的HMAC-SHA1
1 2
| HMAC-SHA1 (key = $salt) e5d8870e5bdd26602cab8dbe07a942c8669e56d6:tryhackme
|
1 2
| hashcat -a 0 -m 160 e5d8870e5bdd26602cab8dbe07a942c8669e56d6:tryhackme /usr/share/wordlists/rockyou.txt --force e5d8870e5bdd26602cab8dbe07a942c8669e56d6:tryhackme:481616481616
|
做了这几个练习之后,深刻的怀疑要不要再配部显卡强点的电脑来跑爆破….