hashcat使用手册
煤矿路口西 Lv4

hashcat使用手册


写在前面

遇到一道【羊城杯】的题,在解的过程中遇到rar5

发现手头所有的工具都无法爆破,想起【Nep2021】的【make_hsy_great_again】

但由于此次为掩码爆破,故而有了这篇文章,详细谈谈hashcat的使用,作为个人的学习留存。

rar2john

# rar2john 65.rar 
Created directory: /root/.john
65.rar:$rar5$16$a2dce3925af59efb2df9851dbfc24fb1$15$bb005ea8f91bf0356c8dddcfa41ac4cb$8$62293dc5e26e9e7f

hashcat - advanced password recovery

hashcat的基本用法为

hashcat [options]... hash|hashfile|hccapxfile [dictionary|mask|directory]...

一条常见的爆破命令

hashcat --force -m 13000 -a 3 '$rar5$16$fe5656ec27f0754cb92ca0a79120e099$15$974a98d46f1d4da877c271091ea930e9$8$48f568d6888772c2' ?d?d?d?d?d?d

一条掩码爆破命令

hashcat --force -m 13000 -a 3 '$rar5$16$a2dce3925af59efb2df9851dbfc24fb1$15$bb005ea8f91bf0356c8dddcfa41ac4cb$8$62293dc5e26e9e7f' GW?a?a?a?a

通过查询形成总结

-m #攻击的哈希类型

md5系列

   0 | MD5                                              | Raw Hash
10 | md5($pass.$salt) | Raw Hash, Salted and/or Iterated
20 | md5($salt.$pass) | Raw Hash, Salted and/or Iterated
30 | md5(utf16le($pass).$salt) | Raw Hash, Salted and/or Iterated
40 | md5($salt.utf16le($pass)) | Raw Hash, Salted and/or Iterated
3800 | md5($salt.$pass.$salt) | Raw Hash, Salted and/or Iterated
3710 | md5($salt.md5($pass)) | Raw Hash, Salted and/or Iterated
4010 | md5($salt.md5($salt.$pass)) | Raw Hash, Salted and/or Iterated
4110 | md5($salt.md5($pass.$salt)) | Raw Hash, Salted and/or Iterated
2600 | md5(md5($pass)) | Raw Hash, Salted and/or Iterated
3910 | md5(md5($pass).md5($salt)) | Raw Hash, Salted and/or Iterated
4300 | md5(strtoupper(md5($pass))) | Raw Hash, Salted and/or Iterated
4400 | md5(sha1($pass)) | Raw Hash, Salted and/or Iterated

sha256系列

1410 | sha256($pass.$salt)                              | Raw Hash, Salted and/or Iterated
1420 | sha256($salt.$pass) | Raw Hash, Salted and/or Iterated
1430 | sha256(utf16le($pass).$salt) | Raw Hash, Salted and/or Iterated
1440 | sha256($salt.utf16le($pass)) | Raw Hash, Salted and/or Iterated

DES,3DES

14000 | DES (PT = $salt, key = $pass)                    | Raw Cipher, Known-Plaintext attack
14100 | 3DES (PT = $salt, key = $pass) | Raw Cipher, Known-Plaintext attack

CRC32校验

11500 | CRC32                                            | Checksums

7z,rar5,zip

11600 | 7-Zip                                            | Archives
12500 | RAR3-hp | Archives
13000 | RAR5 | Archives
13600 | WinZip | Archives

TrueCrypt,VeraCrypt

 62XY | TrueCrypt                                        | Full-Disk Encryption (FDE)
137XY | VeraCrypt | Full-Disk Encryption (FDE)

pdf系列

10400 | PDF 1.1 - 1.3 (Acrobat 2 - 4)                    | Documents
10410 | PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #1 | Documents
10420 | PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #2 | Documents
10500 | PDF 1.4 - 1.6 (Acrobat 5 - 8) | Documents
10600 | PDF 1.7 Level 3 (Acrobat 9) | Documents
10700 | PDF 1.7 Level 8 (Acrobat 10 - 11) | Documents

text

99999 | Plaintext                                        | Plaintext

-a #攻击模式

- [ Attack Modes ] -

# | Mode
===+======
0 | Straight # 字典破解
1 | Combination # 组合破解
3 | Brute-force # 掩码暴力破解
6 | Hybrid Wordlist + Mask # 混合字典+掩码
7 | Hybrid Mask + Wordlist # 混合掩码+字典

? #攻击模式

- [ Built-in Charsets ] -

? | Charset
===+=========
l | abcdefghijklmnopqrstuvwxyz
u | ABCDEFGHIJKLMNOPQRSTUVWXYZ
d | 0123456789
h | 0123456789abcdef
H | 0123456789ABCDEF
s | !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
a | ?l?u?d?s
b | 0x00 - 0xff

  • 本文标题:hashcat使用手册
  • 本文作者:煤矿路口西
  • 创建时间:2021-06-25 16:57:41
  • 本文链接:http://www.mklkx.xyz/2021/06/25/hashcat使用手册/
  • 版权声明:本博客所有文章除特别声明外,均采用 BY-NC-SA 许可协议。转载请注明出处!