wrote-password-cracking-manual. Password cracking has always been this niche activity during a routine pentest. You collect some hashes, fire up John The Ripper or Hashcat, and use default settings with rules and some lame dictionary you pulled off the internet and hit <enter>. You recover a fair amount of the passwords but fail to make any real breakthroughs. After digging through forums and blog posts looking for tool usage, password analysis, and examples you apply some new trick only to forget it by the next pentest. After falling victim to this vicious cycle I decided to write a password cracking manual, HASH CRACK.
Inspired by the Red Team Field Manual (RTFM) and its concise format, I set about researching and compiling the most common tools and their usage. Broken into sections to help the beginner and advanced security professional assist in their usage and understanding of the hash cracking process. Stripped of all the fluff and cuts right to the point with a simple sentence or two about each command and corresponding example usage.
The core tools covered in this manual are John The Ripper (JTR) and Hashcat since they are both absolutely amazing software with a robust community. So a convenient cheat sheet for each tool is included towards the front of the manual for easy reference.
Also included is a chapter called “Common Hash Examples” which lists the 25 most frequent hash types encountered during a pentest with examples in Hashcat and JTR. No nonsense and straight to the point to aid a security professional on the spot.
Chapter Topics Covered
Required Software
Core Hash Cracking Knowledge
Cracking Methodology
Cheat Sheets
-John The Ripper
-Hashcat
Extract Hashes
-System Hash Extraction (Windows, *Nix, and Mac)
-PCAP Hash Extraction
-Database Hash Extraction
-Misc Hash Extraction (Documents, browser, etc…)
Common Hash Examples
-MD5, NTLM, NTLMv2, LM, MD5crypt, SHA1, SHA256, bcrypt, PDF 1.4 – 1.6 (Acrobat 5-8), Microsoft OFFICE 2013, RAR3-HP, Winzip, 7zip, Bitcoin/Litecoin, MAC OSX v10.5-v10.6, MySQL 4.1-5+, Postgres, MSSQL(2012)-MSSQL(2014), Oracle 11g, Cisco TYPE 4 5 8 9, WPA PSK / WPA2 PSK
Password Analysis
Dictionary / Wordlist
-Online resources
-Wordlist creation
Rules & Masks
Foreign Character Sets
-(UTF8) Arabic, Bengali, Chinese, Japanese, Russian
-Hashcat and JTR built-in charsets
Advanced
-PRINCE attack
-Maskprocessor
-Distributed/Parallelization
Appendix
-Terms
-Online Resources
-John The Ripper Menu
-Hashcat Menu
-Hash Cracking Benchmarks (table)
-Hash Cracking Speed (table)
A few of the tools/resources covered in the HASH CRACK manual are Hashcat, John The RIpper, PACK (Password Analysis and Cracking Kit), PIPAL, PassPat, Creddump, Mimkatz, Pcredz, Aircrack-ng, Weakpass, Crackstation, and more. Updates and additions to the manual are planned for future chapters and sections based on customer feedback and geared towards assisting the network security professional.
Give Back To The Cracking Community
I highly encourage you DONATE to the dedicated contributing members of the cracking community and in that same vein a portion of the proceeds from the sale of this manual will be given to the various projects and researchers. So in the future when you see a donate button, click and give what you can.
Lastly, if you are a developer of one of the tools or online resources covered in the manual reach out to me on twitter @netmux and I’ll mail you a free copy. Because without you and your contributions to the community we would be stuck hacking together some pathetic piece of code, praying to eek out 100 c/s against MD4.
