
Hashcat: The Complete Guide to Password Cracking (2025)
Master the world’s fastest password recovery tool with professional techniques and ethical practices
What is Hashcat?
Hashcat is the world’s fastest and most advanced password recovery tool, supporting five unique attack modes for over 300 highly-optimized hashing algorithms. Unlike other password cracking tools, Hashcat leverages:
- GPU acceleration (NVIDIA, AMD, Intel)
- Multi-hash and multi-OS support
- Distributed cracking networks
- Advanced rule-based attacks
- Automatic performance tuning
Installing Hashcat
Linux Installation
sudo apt update && sudo apt install hashcat -y # Debian/Ubuntu
sudo dnf install hashcat -y # Fedora
sudo pacman -S hashcat # Arch Linux
Windows Installation
Download the binaries from hashcat.net and extract the ZIP file.
Verifying Installation
hashcat --version
# Prints the installed version, e.g. v6.2.6
Understanding Hash Types
Hashcat supports over 300 hash types. Common ones include:
Hash Type | Hashcat Mode | Example |
---|---|---|
MD5 | 0 | 8743b52063cd84097a65d1633f5c74f5 |
SHA1 | 100 | b89eaac7e61417341b710b727768294d0e6a277b |
NTLM | 1000 | B4B9B02E6F09A9BD760F388B67351E2B |
bcrypt | 3200 | $2a$12$K7R1a9Qx2a9Qx2a9Qx2a9O (prefix, cost and salt only; a complete bcrypt hash is 60 characters) |
Basic Hashcat Commands
hashcat -m 0 -a 0 hashes.txt rockyou.txt
# -m 0 = MD5 hash type
# -a 0 = dictionary attack
# hashes.txt = file containing hashes
# rockyou.txt = wordlist
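hashcat -m 1000 -a 3 hashes.txt '?a?a?a?a?a?a'
# -m 1000 = NTLM hash type
# -a 3 = brute-force (mask) attack
# ?a = all printable ASCII characters (95, including space)
# '?a?a?a?a?a?a' = try all 6-character combinations; the quotes stop the shell from treating ? as a wildcard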
Advanced Attack Techniques
1. Rule-Based Attacks
Apply transformation rules to wordlists for more sophisticated attacks:
hashcat -m 0 -a 0 hashes.txt rockyou.txt -r rules/best64.rule
2. Hybrid Attacks
Combine dictionary words with brute-force patterns:
hashcat -m 1000 -a 6 hashes.txt rockyou.txt '?d?d?d'
# Appends 3 digits to each word
3. Mask Attacks
Target passwords with known structures:
hashcat -m 1000 -a 3 hashes.txt -1 '?l?u' '?1?1?1?1?d?d?d'
# -1 ?l?u = custom charset (lower + upper)
# ?1?1?1?1 = first 4 chars are letters
# ?d?d?d = last 3 chars are digits
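The mask syntax in the brute-force and mask commands above fixes how many candidates hashcat has to try, which is the number to weigh a password policy against. The Python below is an added example, not part of hashcat or of the original guide: it computes the candidate count for a mask and the worst-case time to exhaust it. The function names are illustrative and the 10 GH/s speed is an assumed value; substitute the figure `hashcat -b` reports for your hash mode.

```python
import string

# Built-in hashcat mask charsets used on this page (?h, ?H and ?b are omitted).
BUILTIN = {"l": set(string.ascii_lowercase), "u": set(string.ascii_uppercase),
           "d": set(string.digits), "s": set(string.punctuation + " ")}
BUILTIN["a"] = set().union(*BUILTIN.values())  # ?a = ?l?u?d?s, 95 characters


def expand(spec, custom=None):
    """Return one character set per position of a mask or charset definition."""
    custom, positions, i = custom or {}, [], 0
    while i < len(spec):
        if spec[i] != "?":
            positions.append({spec[i]})        # literal character
            i += 1
            continue
        key = spec[i + 1:i + 2]                # empty if the mask ends in a lone ?
        if key == "?":
            positions.append({"?"})            # ?? is a literal question mark
        elif key in BUILTIN:
            positions.append(BUILTIN[key])
        elif key in custom:
            positions.append(custom[key])
        else:
            raise ValueError(f"bad charset reference at offset {i} in {spec!r}")
        i += 2
    return positions


def keyspace(mask, custom_defs=None):
    """Candidates generated by a mask; custom_defs maps '1'..'4' to -1..-4 values."""
    custom = {}
    for name, definition in sorted((custom_defs or {}).items()):
        custom[name] = set().union(*expand(definition, custom))
    total = 1
    for charset in expand(mask, custom):
        total *= len(charset)
    return total


def hours_to_exhaust(mask, hashes_per_second, custom_defs=None):
    """Worst-case hours to try every candidate at the given speed."""
    return keyspace(mask, custom_defs) / hashes_per_second / 3600


if __name__ == "__main__":
    rate = 10_000_000_000  # assumed speed in hashes/s, not a measured benchmark
    for mask, defs in [("?a?a?a?a?a?a", None), ("?1?1?1?1?d?d?d", {"1": "?l?u"})]:
        print(mask, keyspace(mask, defs), f"{hours_to_exhaust(mask, rate, defs):.4f} h")
```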
Optimizing Performance
GPU Configuration Tips
- NVIDIA: Install latest CUDA toolkit
- AMD: Install ROCm or OpenCL drivers
- Intel: Install OpenCL runtime
hashcat -b
# Benchmarks a default selection of hash modes and shows speeds (add --benchmark-all for every mode)
Performance Optimization Flags
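hashcat -m 1000 -a 3 hashes.txt '?a?a?a?a?a?a' -w 4 -O -d 1
# -w 4 = "Nightmare" workload profile (the highest; the desktop may become unresponsive)
# -O = optimized kernels (faster, but limits the maximum password length)
# -d 1 = use only backend device 1 (list devices with hashcat -I)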
Real-World Examples
Cracking WiFi WPA2 Handshakes
hashcat -m 2500 capture.hccapx rockyou.txt
# Requires converted .hccapx file from aircrack-ng
# Recent hashcat releases mark mode 2500 as deprecated; its replacement is mode 22000
Recovering ZIP Archive Passwords
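zip2john archive.zip | cut -d: -f2 > zip_hash.txt
# zip2john (John the Ripper) prefixes each hash with the file name; cut keeps only the hash field
hashcat -m 13600 zip_hash.txt rockyou.txt
# -m 13600 = WinZip (AES) hashes, which start with $zip2$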
Breaking Linux Shadow Hashes
unshadow passwd.txt shadow.txt > linux_hashes.txt
hashcat -m 1800 linux_hashes.txt rockyou.txt
# -m 1800 = sha512crypt (hashes starting with $6$)
Hashcat Potfile
Hashcat saves cracked hashes in ~/.hashcat/hashcat.potfile. To view:
hashcat -m 0 --show hashes.txt
# Use the same -m value as the cracking run
Conclusion
Hashcat is an incredibly powerful tool for ethical password recovery and penetration testing. By mastering its attack modes, optimization techniques, and real-world applications, security professionals can:
- Test organizational password policies
- Recover lost passwords (with proper authorization)
- Identify weak hashing algorithms in systems
- Enhance overall security posture