From ed7f348fc30036e2559ab8451bfe98772924796a Mon Sep 17 00:00:00 2001 From: Jens Steube Date: Sun, 19 Jan 2020 12:47:29 +0100 Subject: [PATCH] Updated Home (markdown) --- Home.md | 93 --------------------------------------------------------- 1 file changed, 93 deletions(-) diff --git a/Home.md b/Home.md index 08ca24c..b798088 100644 --- a/Home.md +++ b/Home.md @@ -1,211 +1,118 @@ ## Frequently asked questions - * [FAQ](frequently_asked_questions) ## Source code - * [Github repositories](https///github.com/hashcat) ## Hashcat suite - * [hashcat](hashcat) - World's fastest and most advanced password recovery utility - * [hashcat-utils](hashcat_utils) - Small utilities that are useful in advanced password cracking - * [maskprocessor](maskprocessor) - High-performance word generator with a per-position configureable charset - * [statsprocessor](statsprocessor) - Word generator based on per-position markov-chains - * [princeprocessor](princeprocessor) - Standalone password candidate generator using the PRINCE algorithm - * [kwprocessor](kwprocessor) - Advanced keyboard-walk generator with configureable basechars, keymap and routes Documentation for older hashcat versions like hashcat-legacy, oclHashcat, ... can be found by using the Sitemap button. ## Core attack modes - * [Dictionary attack](dictionary_attack) - trying all words in a list; also called "straight" mode (attack mode 0, ''-a 0'') - * [Combinator attack](combinator_attack) - concatenating words from multiple wordlists (mode 1) - * [Brute-force attack](mask_attack) and [Mask attack](mask_attack) - trying all characters from given charsets, per position (mode 3) - * [Hybrid attack](hybrid_attack) - combining wordlists+masks (mode 6) and masks+wordlists (mode 7); can [also be done with rules](toggle_attack_with_rules) ## Other attacks - * [Rule-based attack](rule_based_attack) - applying rules to words from wordlists; combines with wordlist-based attacks (attack modes 0, 6, and 7) - * [Toggle-case attack](toggle_case_attack) - toggling case of characters; now accomplished with rules ## Most important wiki pages - * [Example hashes](example_hashes) - * [Brute-Force attack (aka mask attack)](mask_attack) - * [When I click on hashcat.exe a black window flashes up and then disappears](ubernoobs) - * [Timeout Patch](timeout_patch) - * [HCCAPX format description](hccapx) - * [Resuming cracking jobs and .restore file format description](restore) - * [Cracking WPA/WPA2 with hashcat](cracking_wpawpa2) - * [Using maskprocessor to generate rules](rules_with_maskprocessor) - * [Using rules to emulate hybrid attack](hybrid_atttack_with_rules) - * [Using rules to emulate toggle attack](toggle_attack_with_rules) - * [Using machine-readable output](machine_readable) - * [Ubuntu Server + AMD Catalyst + hashcat HOWTO](linux_server_howto) (not up-to-date) - * [HOWTO: Upgrading AMD Drivers on Windows](upgrading_amd_drivers_how_to) (not up-to-date) - * [hashcat and the drivers: Catalyst and ForceWare](oclhashcat_catalyst_forceware) (not up-to-date) - * ``[Table-Lookup Attack beginner guide](table_lookup_beginner_guide)`` - only available in [hashcat-legacy](hashcat-legacy) - * ``[Distributing workload in oclHashcat-lite](distributing_workload_in_oclhashcat_lite)`` - now accomplished with ''-s/``--skip`` and ''-l/``--limit`` - * ``[VCL Cluster HOWTO](vcl_cluster_howto)`` - * ``[Distributing workload in oclHashcat](distributing_workload_in_oclhashcat)`` - * ``[Using maskprocessor to emulate brute-force attack](brute_force_in_oclhashcat_plus)`` - now implemented directly in [hashcat](hashcat) - * ``[Using maskprocessor to emulate mask attack in hashcat](mask_attack_in_hashcat)`` - now implemented directly in [hashcat](hashcat) - * *Strike-through = Outdated article* ## Patches, tips and tricks - * [Calculating total combinations for masks](combination_count_formula) - * [SSH into running terminal](ssh_running_process) - using ''screen'' - * [I use hashcat on Windows and want to access it through ssh](hashcat_on_windows_ssh) - * ``[Changing fan speed of ATI under linux](changing_fan_speed_of_ati_under_linux)`` - * ``[WPA Clean and Convert Script](WPA_Clean_and_Convert_Script)`` * *Strike-through = Outdated article* - - ## Howtos, Videos, Papers, Articles, etc. in the wild - * [A cheat-sheet for password crackers](http://www.unix-ninja.com/p/A_cheat-sheet_for_password_crackers) - * [A guide to password cracking with Hashcat](http://www.unix-ninja.com/p/A_guide_to_password_cracking_with_Hashcat/) - * [Building a Password Cracking Rig for Hashcat](http://www.unix-ninja.com/p/Building_a_Cracking_Rig_for_Hashcat/) - * [Building a Password Cracking Rig for Hashcat - Part II](http://www.unix-ninja.com/p/Building_a_Password_Cracking_Rig_for_Hashcat_-_Part_II/) - * [Exploiting masks in Hashcat for fun and profit](http://www.unix-ninja.com/p/Exploiting_masks_in_Hashcat_for_fun_and_profit/) - * [Hashcat Line Length Exceptions](http://www.unix-ninja.com/p/Hashcat_Line_Length_Exceptions/) - * [ Agilebits 1Password support and Design Flaw?](https///hashcat.net/forum/thread-2238.html) - * [Colliding password protected MS office 97-2003 documents](https///hashcat.net/forum/thread-3665.html) - * [Colliding password protected PDF documents](https///hashcat.net/forum/thread-3818.html) - * [Facebook full directory of first and lastnames, 8GB, sorted with counts, latin and non-latin](https///hashcat.net/forum/thread-4114.html) - * [Explaining the PostgreSQL pass-the-hash vulnerability](https///hashcat.net/forum/thread-4148.html) - * [PHDays 2014, "Hashrunner challenge": Writeup Team hashcat](https///hashcat.net/forum/thread-3397.html) - * [PHDays 2015, "Hashrunner challenge": Writeup Team hashcat](https///hashcat.net/forum/thread-4370.html) - * [How not to salt a hash](https///hashcat.net/forum/thread-4429.html) - * [CheckPoint Security Gateway (firewall) and Security Management password hashes](https///hashcat.net/forum/thread-4436.html) - * [Cracking Netgear default WPA passwords with oclHashcat](https///hashcat.net/forum/thread-4463.html) - * [Cracking eight different TrueCrypt ciphers for the price of three](https///hashcat.net/forum/thread-4812.html) - * [DEFCON 2010, "Crack Me If You Can": Writeup Team hashcat](http://contest-2010.korelogic.com/team_hashcat.html) - * [DEFCON 2011, "Crack Me If You Can": Writeup Team hashcat](http://contest-2011.korelogic.com/team_hashcat.html) - * [DEFCON 2014, "Crack Me If You Can": Writeup Team hashcat](http://contest-2014.korelogic.com/team_hashcat.html) - * [DEFCON 2015, "Crack Me If You Can": Writeup Team hashcat](https///hashcat.net/forum/thread-4595.html) - * [Cracking Android passwords, a how-to](https///www.pentestpartners.com/blog/cracking-android-passwords-a-how-to/) - * [Custom charsets and rules with John The Ripper and oclhashcat](https///www.pentestpartners.com/blog/custom-charsets-and-rules-with-john-the-ripper-and-oclhashcat/) - * [Efficient Password Cracking Where LM Hashes Exist for Some Users](https///www.pentestpartners.com/blog/efficient-password-cracking-where-lm-hashes-exist-for-some-users/) - * [Introduction to Hashcat](https///www.youtube.com/watch?v=EfqJCKWtGiU) - * [Passwords: A step-by-step analysis of breaking them](https///www.pentestpartners.com/blog/passwords-a-step-by-step-analysis-of-breaking-them/) - * [Cracking IKE Mission:Improbable (Part 1)](https///www.trustwave.com/Resources/SpiderLabs-Blog/Cracking-IKE-Mission-Improbable-%28Part-1%29/) - * [Cracking IKE Mission:Improbable (Part 2)](https///www.trustwave.com/Resources/SpiderLabs-Blog/Cracking-IKE-Mission-Improbable-%28Part-2%29/) - * [Hashcat Per Position Markov Chains](https///www.trustwave.com/Resources/SpiderLabs-Blog/Hashcat-Per-Position-Markov-Chains/) - * [A Practical Guide to Cracking Password Hashes](https///labs.mwrinfosecurity.com/blog/a-practical-guide-to-cracking-password-hashes/) - * [Rule-Fu: The art of word mangling](https///web.archive.org/web/20131111231827/http///ob-security.info/?p=31) - * [How to Extract OS X Mavericks Password Hash for Cracking With Hashcat](https///web.archive.org/web/20140703020831/http///www.michaelfairley.co/blog/2014/05/18/how-to-extract-os-x-mavericks-password-hash-for-cracking-with-hashcat/) - * [Statistics Will Crack Your Password](https///www.praetorian.com/blog/statistics-will-crack-your-password-mask-structure) - * [Troy Hunt: Our password hashing has no clothes](https///www.troyhunt.com/2012/06/our-password-hashing-has-no-clothes.html) - * [The 3 Way21 Confessions of a crypto cluster operator](https///www.youtube.com/watch?v=1MiY44KS-y4) - * [Passwords^12: Exploiting a SHA-1 weakness in password cracking](https///www.youtube.com/watch?v=7YebpMoK9VQ) - * [Passwordscon: Advanced Password Cracking: Hashcat Techniques for the Last 20%](https///www.youtube.com/watch?v=9l6COVMer8M) - * [Passwordscon: Optimizing the Computation of Hash Algorithms as an Attacker](https///www.youtube.com/watch?v=SEiL9fqcEwk) - * [Passwordscon: I have the hashcat, I make the rules](https///hashcat.net/events/p14-vegas/I%20have%20the%20%23cat%20i%20make%20the%20rules_YC.pdf) - * [Cracking an MD5 of an IP address](https///www.phillips321.co.uk/2012/04/04/cracking-an-md5-of-an-ip-address/) - * [Bruteforcing .known_hosts file with hashcat](http://up1ink.tumblr.com/post/132370869368/bruteforcing-knownhosts-file-with-hashcat) - * [Convert metasploit cachedump files to Hashcat format for cracking](http://www.commandlinefu.com/commands/view/11574/convert-metasploit-cachedump-files-to-hashcat-format-for-cracking) - * [GPU Based Password Cracking with Amazon EC2 and oclHashcat](http://www.rockfishsec.com/2015/05/gpu-password-cracking-with-amazon-ec2.html) - * [How to crack WPA2-Enterprise EAP-MD5 with hashcat](http://www.securitybydefault.com/2014/01/wpa2-enterprise-cracking-de-eap-md5.html) - * [Cracking TrueCrypt: container, non-system, system, hidden](https///web.archive.org/web/20161026005447/0x31.de/cracking-truecrypt-container-non-system-system/) (archived on archive.org, current version contains adware) - * [Cracking Story – How I Cracked Over 122 Million SHA1 and MD5 Hashed Passwords](http://blog.thireus.com/cracking-story-how-i-cracked-over-122-million-sha1-and-md5-hashed-passwords) - * [Android Pin/Password Cracking](http://linuxsleuthing.blogspot.co.uk/2012/10/android-pinpassword-cracking-halloween.html) - * [Tool Deep Dive: PRINCE](http://reusablesec.blogspot.de/2014/12/tool-deep-dive-prince.html) - * [HASHCAT: GPU PASSWORD CRACKING FOR MAXIMUM WIN](https///abigisp.com/talks/hashcat/) - * [Video introduction to Hashcat v3 and Debug-Rules example](https///www.youtube.com/watch?v=0C5jftc4nqs) - If your hashcat article is not listed, tell us. We would love to link it here.