1
0
mirror of https://github.com/hashcat/hashcat.git synced 2024-11-15 20:39:17 +00:00
hashcat/docs/readme.txt

359 lines
9.0 KiB
Plaintext
Raw Normal View History

_____: _____________ _____: -aTZ! _______ ____
_\ |__\_______ _/_______ _\ |_____ _______\______ /__ ______
| _ | __ \ ____/____ _ | ___/____ __ |_______/
|: | .| \ _\____ / | .| \ / \ :| |
|_____| :|______/ / //____| :|___ //_________| :|
|_____| /___________/ |_____| /_____/ /_______|
: : :
2018-12-02 10:58:48 +00:00
hashcat v5.1.0
==============
2017-10-19 14:23:44 +00:00
AMD GPUs on Linux require "RadeonOpenCompute (ROCm)" Software Platform (1.6.180 or later)
AMD GPUs on Windows require "AMD Radeon Software Crimson Edition" (15.12 or later)
Intel CPUs require "OpenCL Runtime for Intel Core and Intel Xeon Processors" (16.1.1 or later)
Intel GPUs on Linux require "OpenCL 2.0 GPU Driver Package for Linux" (2.0 or later)
Intel GPUs on Windows require "OpenCL Driver for Intel Iris and Intel HD Graphics"
NVIDIA GPUs require "NVIDIA Driver" (418.56 or later) and "CUDA Toolkit" (9.0 or later)
2015-12-04 14:47:52 +00:00
##
## Features
##
- World's fastest password cracker
- World's first and only in-kernel rule engine
2015-12-04 14:47:52 +00:00
- Free
2016-02-04 09:59:13 +00:00
- Open-Source (MIT License)
2017-10-20 11:36:47 +00:00
- Multi-OS (Linux, Windows and macOS)
- Multi-Platform (CPU, GPU, DSP, FPGA, etc., everything that comes with an OpenCL runtime)
2016-02-04 09:59:13 +00:00
- Multi-Hash (Cracking multiple hashes at the same time)
- Multi-Devices (Utilizing multiple devices in same system)
- Multi-Device-Types (Utilizing mixed device types in same system)
2018-10-28 15:47:13 +00:00
- Supports password candidate brain functionality
2016-02-04 09:59:13 +00:00
- Supports distributed cracking networks (using overlay)
- Supports interactive pause / resume
2015-12-04 14:47:52 +00:00
- Supports sessions
- Supports restore
2016-04-29 03:28:49 +00:00
- Supports reading password candidates from file and stdin
2015-12-04 14:47:52 +00:00
- Supports hex-salt and hex-charset
2016-04-29 03:28:49 +00:00
- Supports automatic performance tuning
- Supports automatic keyspace ordering markov-chains
2015-12-04 14:47:52 +00:00
- Built-in benchmarking system
- Integrated thermal watchdog
- 300+ Hash-types implemented with performance in mind
2015-12-04 14:47:52 +00:00
##
## Hash-Types
##
- MD4
- MD5
- SHA1
- SHA2-224
- SHA2-256
- SHA2-384
- SHA2-512
- SHA3-224
- SHA3-256
- SHA3-384
- SHA3-512
- RIPEMD-160
- BLAKE2b-512
- GOST R 34.11-2012 (Streebog) 256-bit, big-endian
- GOST R 34.11-2012 (Streebog) 512-bit, big-endian
- GOST R 34.11-94
- Half MD5
- Java Object hashCode()
- Keccak-224
- Keccak-256
- Keccak-384
- Keccak-512
2015-12-04 14:47:52 +00:00
- Whirlpool
- SipHash
- BitShares v0.x - sha512(sha512_bin(pass))
2015-12-04 14:47:52 +00:00
- md5($pass.$salt)
- md5($salt.$pass)
- md5($salt.$pass.$salt)
- md5($salt.md5($pass))
- md5($salt.md5($pass.$salt))
- md5($salt.md5($salt.$pass))
- md5($salt.sha1($salt.$pass))
- md5($salt.utf16le($pass))
- md5(md5($pass))
- md5(md5($pass).md5($salt))
- md5(sha1($pass))
- md5(sha1($pass).md5($pass).sha1($pass))
- md5(sha1($salt).md5($pass))
- md5(strtoupper(md5($pass)))
- md5(utf16le($pass).$salt)
2015-12-04 14:47:52 +00:00
- sha1($pass.$salt)
- sha1($salt.$pass)
- sha1($salt.$pass.$salt)
- sha1($salt.sha1($pass))
- sha1($salt.utf16le($pass))
- sha1($salt1.$pass.$salt2)
- sha1(CX)
2015-12-04 14:47:52 +00:00
- sha1(md5($pass))
2019-07-25 23:46:43 +00:00
- sha1(md5($pass).$salt)
- sha1(md5($pass.$salt))
2018-12-10 15:50:58 +00:00
- sha1(md5(md5($pass)))
- sha1(sha1($pass))
- sha1(utf16le($pass).$salt)
2015-12-04 14:47:52 +00:00
- sha256($pass.$salt)
- sha256($salt.$pass)
- sha256($salt.$pass.$salt)
2018-01-30 10:24:21 +00:00
- sha256($salt.utf16le($pass))
2019-07-13 18:51:38 +00:00
- sha256(md5($pass))
- sha256(sha256($pass).$salt)
- sha256(sha256_bin($pass))
- sha256(utf16le($pass).$salt)
2015-12-04 14:47:52 +00:00
- sha512($pass.$salt)
- sha512($salt.$pass)
2018-01-30 10:24:21 +00:00
- sha512($salt.utf16le($pass))
- sha512(utf16le($pass).$salt)
- Ruby on Rails Restful-Authentication
2015-12-04 14:47:52 +00:00
- HMAC-MD5 (key = $pass)
- HMAC-MD5 (key = $salt)
- HMAC-SHA1 (key = $pass)
- HMAC-SHA1 (key = $salt)
- HMAC-SHA256 (key = $pass)
- HMAC-SHA256 (key = $salt)
- HMAC-SHA512 (key = $pass)
- HMAC-SHA512 (key = $salt)
- HMAC-Streebog-256 (key = $pass), big-endian
- HMAC-Streebog-256 (key = $salt), big-endian
- HMAC-Streebog-512 (key = $pass), big-endian
- HMAC-Streebog-512 (key = $salt), big-endian
- CRC32
2018-01-30 10:24:21 +00:00
- 3DES (PT = $salt, key = $pass)
- DES (PT = $salt, key = $pass)
2018-01-30 10:24:21 +00:00
- ChaCha20
- Skip32 (PT = $salt, key = $pass)
2015-12-04 14:47:52 +00:00
- PBKDF2-HMAC-MD5
- PBKDF2-HMAC-SHA1
- PBKDF2-HMAC-SHA256
- PBKDF2-HMAC-SHA512
- scrypt
- phpass
- Ansible Vault
- Atlassian (PBKDF2-HMAC-SHA1)
- Python passlib pbkdf2-sha512
- Python passlib pbkdf2-sha256
- Python passlib pbkdf2-sha1
- TACACS+
- SIP digest authentication (MD5)
- IKE-PSK MD5
- IKE-PSK SHA1
2019-12-19 21:14:42 +00:00
- WPA-PBKDF2-PMKID+EAPOL
- WPA-PMK-PMKID+EAPOL
2018-01-30 10:24:21 +00:00
- IPMI2 RAKP HMAC-SHA1
- CRAM-MD5
- iSCSI CHAP authentication, MD5(CHAP)
- JWT (JSON Web Token)
- Kerberos 5, etype 23, AS-REQ Pre-Auth
- Kerberos 5, etype 23, TGS-REP
- Kerberos 5, etype 23, AS-REP
- Kerberos 5, etype 17, TGS-REP
- Kerberos 5, etype 18, TGS-REP
- Kerberos 5, etype 17, Pre-Auth
- Kerberos 5, etype 18, Pre-Auth
- NetNTLMv1 / NetNTLMv1+ESS
- NetNTLMv2
- Skype
2020-01-15 09:33:36 +00:00
- Telegram client app passcode (SHA256)
2018-01-30 10:24:21 +00:00
- PostgreSQL CRAM (MD5)
- MySQL CRAM (SHA1)
- RACF
- AIX {smd5}
- AIX {ssha1}
- AIX {ssha256}
- AIX {ssha512}
2015-12-04 14:47:52 +00:00
- LM
- QNX /etc/shadow (MD5)
- QNX /etc/shadow (SHA256)
- QNX /etc/shadow (SHA512)
2018-01-30 10:24:21 +00:00
- DPAPI masterkey file v1
- DPAPI masterkey file v2
- GRUB 2
- MS-AzureSync PBKDF2-HMAC-SHA256
2018-01-30 10:24:21 +00:00
- BSDi Crypt, Extended DES
- NTLM
- macOS v10.4, macOS v10.5, MacOS v10.6
- macOS v10.7
- macOS v10.8+ (PBKDF2-SHA512)
- Radmin2
- Samsung Android Password/PIN
2018-01-30 10:24:21 +00:00
- bcrypt $2*$, Blowfish (Unix)
- md5crypt, MD5 (Unix), Cisco-IOS $1$ (MD5)
- descrypt, DES (Unix), Traditional DES
2018-01-30 10:24:21 +00:00
- sha256crypt $5$, SHA256 (Unix)
- sha512crypt $6$, SHA512 (Unix)
- Windows Phone 8+ PIN/password
2018-01-30 10:24:21 +00:00
- Cisco-ASA MD5
- Cisco-IOS $8$ (PBKDF2-SHA256)
- Cisco-IOS $9$ (scrypt)
- Cisco-IOS type 4 (SHA256)
- Cisco-PIX MD5
- Citrix NetScaler (SHA1)
- Citrix NetScaler (SHA512)
- Domain Cached Credentials (DCC), MS Cache
- Domain Cached Credentials 2 (DCC2), MS Cache 2
- FortiGate (FortiOS)
2018-01-30 10:24:21 +00:00
- ArubaOS
- Juniper IVE
- Juniper NetScreen/SSG (ScreenOS)
- Juniper/NetBSD sha1crypt
- MSSQL (2000)
- MSSQL (2005)
- MSSQL (2012, 2014)
- PostgreSQL
- Oracle H: Type (Oracle 7+)
- Oracle S: Type (Oracle 11+)
- Oracle T: Type (Oracle 12+)
- MySQL323
- MySQL4.1/MySQL5
- MySQL $A$ (sha256crypt)
- Sybase ASE
- hMailServer
- DNSSEC (NSEC3)
- CRAM-MD5 Dovecot
- SSHA-256(Base64), LDAP {SSHA256}
- SSHA-512(Base64), LDAP {SSHA512}
- RedHat 389-DS LDAP (PBKDF2-HMAC-SHA256)
- FileZilla Server >= 0.9.55
- ColdFusion 10+
- Apache $apr1$ MD5, md5apr1, MD5 (APR)
- Episerver 6.x < .NET 4
- Episerver 6.x >= .NET 4
- nsldap, SHA-1(Base64), Netscape LDAP SHA
- nsldaps, SSHA-1(Base64), Netscape LDAP SSHA
2015-12-04 14:47:52 +00:00
- SAP CODVN B (BCODE)
- SAP CODVN B (BCODE) from RFC_READ_TABLE
2015-12-04 14:47:52 +00:00
- SAP CODVN F/G (PASSCODE)
- SAP CODVN F/G (PASSCODE) from RFC_READ_TABLE
2015-12-04 14:47:52 +00:00
- SAP CODVN H (PWDSALTEDHASH) iSSHA-1
- PeopleSoft
- PeopleSoft PS_TOKEN
- SolarWinds Orion
2018-01-30 10:24:21 +00:00
- Lotus Notes/Domino 5
- Lotus Notes/Domino 6
- Lotus Notes/Domino 8
2019-06-22 14:05:02 +00:00
- Oracle Transportation Management (SHA256)
- Huawei sha1(md5($pass).$salt)
- AuthMe sha256
- AES Crypt (SHA256)
- BitLocker
2018-01-30 10:24:21 +00:00
- eCryptfs
- LUKS
- VeraCrypt
2018-06-18 12:38:35 +00:00
- FileVault 2
- DiskCryptor
- Android FDE (Samsung DEK)
- Android FDE <= 4.3
- Apple File System (APFS)
- TrueCrypt
2017-12-13 09:39:39 +00:00
- PDF 1.1 - 1.3 (Acrobat 2 - 4)
- PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #1
- PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #2
2017-12-13 09:39:39 +00:00
- PDF 1.4 - 1.6 (Acrobat 5 - 8)
- PDF 1.7 Level 3 (Acrobat 9)
- PDF 1.7 Level 8 (Acrobat 10 - 11)
- MS Office 2007
- MS Office 2010
- MS Office 2013
- MS Office <= 2003 $0/$1, MD5 + RC4
- MS Office <= 2003 $0/$1, MD5 + RC4, collider #1
- MS Office <= 2003 $0/$1, MD5 + RC4, collider #2
- MS Office <= 2003 $3/$4, SHA1 + RC4
- MS Office <= 2003 $3, SHA1 + RC4, collider #1
- MS Office <= 2003 $3, SHA1 + RC4, collider #2
- Open Document Format (ODF) 1.2 (SHA-256, AES)
- Open Document Format (ODF) 1.1 (SHA-1, Blowfish)
- Apple Secure Notes
- JKS Java Key Store Private Keys (SHA1)
- 1Password, agilekeychain
- 1Password, cloudkeychain
2018-01-30 10:24:21 +00:00
- Password Safe v2
- Password Safe v3
- LastPass + LastPass sniffed
- KeePass 1 (AES/Twofish) and KeePass 2 (AES)
2015-12-04 14:47:52 +00:00
- Bitcoin/Litecoin wallet.dat
- Electrum Wallet (Salt-Type 1-5)
2015-12-04 14:47:52 +00:00
- Blockchain, My Wallet
- Blockchain, My Wallet, V2
- Blockchain, My Wallet, Second Password (SHA256)
- Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256
- Ethereum Wallet, PBKDF2-HMAC-SHA256
- Ethereum Wallet, SCRYPT
- MultiBit Classic .key (MD5)
- 7-Zip
- RAR3-hp
- RAR5
- PKZIP (Compressed)
- PKZIP (Compressed Multi-File)
- PKZIP (Mixed Multi-File)
- PKZIP (Mixed Multi-File Checksum-Only)
- PKZIP (Uncompressed)
- PKZIP Master Key
- PKZIP Master Key (6 byte optimization)
- iTunes backup < 10.0
- iTunes backup >= 10.0
- WinZip
- Android Backup
- AxCrypt
- AxCrypt in-memory SHA1
- WBB3 (Woltlab Burning Board)
- vBulletin < v3.8.5
- vBulletin >= v3.8.5
- PHPS
- SMF (Simple Machines Forum) > v1.1
- MediaWiki B type
- Redmine
- Joomla < 2.5.18
- OpenCart
- PrestaShop
- Tripcode
- Drupal7
- osCommerce, xt:Commerce
- PunBB
- MyBB 1.2+, IPB2+ (Invision Power Board)
- Django (PBKDF2-SHA256)
- Django (SHA-1)
- Web2py pbkdf2-sha512
- TOTP (HMAC-SHA1)
2015-12-04 14:47:52 +00:00
##
2016-04-29 03:28:49 +00:00
## Attack-Modes
2015-12-04 14:47:52 +00:00
##
2016-04-29 03:28:49 +00:00
- Straight *
- Combination
- Brute-force
- Hybrid dict + mask
- Hybrid mask + dict
2016-02-04 09:59:13 +00:00
2016-04-29 03:28:49 +00:00
* = Supports rules
2016-02-04 09:59:13 +00:00
##
2016-04-29 03:28:49 +00:00
## Supported OpenCL runtimes
2015-12-04 14:47:52 +00:00
##
- AMD
2016-04-29 03:28:49 +00:00
- Apple
- Intel
- Mesa (Gallium)
- NVidia
2016-04-29 03:28:49 +00:00
- pocl
##
## Supported OpenCL device types
##
- GPU
2016-10-29 11:50:43 +00:00
- CPU
- APU
- DSP
- FPGA
- Coprocessor