Cracking the Hash using Kali Linux & Hashcat
This article is the continuation of the previous password cracking article, where we saw how to brute-force SSH. Today we will be looking at a better way of doing that. If you brute-force a live system (which is also called an Online Attack) you might get caught by the firewalls, you run into timeouts, and your account can get banned. So today we will be taking a look at the Offline Attack.
What is Offline Attack?
Offline Attacks happen when the attack is on the hash of the password instead of on the live system. Let us consider a scenario where you have compromised the server by some other means and now you end up in its terminal.
What is Hashing?
Password hashing is used to verify the password sent during login against the stored hash, so that your actual password never has to be stored. Not all cryptographic algorithms are suitable for this in the modern industry.
When you store a password in a system, the system is not going to save the password in plaintext form; it's gonna turn that password into a crazy long text.
Example:-
If the password is root then the password hash may look like this:-
$y$j9T$o9r4NZdkAtUEiwlpBtacE0$rOey80zoZ9lOWCfrQvp/WPaDz0TtQeM.m5/0dFScpw1
To convert the password into this crazy-looking hash your system uses a hashing algorithm, which is nothing but a complex maths function that turns the plaintext password into this complex-looking hash.
You might be familiar with some of the hashing algorithms out there:
- md5
- sha256
- NTLM
When you hear about password leaks, the hackers who got your username and password don't actually have your password yet. They have the hash of your password.
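To make the "the system stores a hash, not the password" point concrete, here is an added example (my own code, not from the article) of how a login system stores and checks a password. It uses PBKDF2 from Python's standard library with a random salt and a deliberately high iteration count; the scheme name, record layout and iteration count are choices made for this example, not something the article describes. The last function shows why an unsalted fast hash (here md5) is what makes leaked hashes easy to attack: two users with the same password get the same hash, and every guess costs one cheap hash.

```python
import hashlib
import hmac
import os
from typing import Optional

# Parameters chosen for this example (not taken from the article).
ALGORITHM = "sha256"
ITERATIONS = 600_000   # slow on purpose: every guess must pay for this many rounds
SALT_BYTES = 16


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: pbkdf2_<alg>$<iterations>$<salt hex>$<hash hex>.

    A fresh random salt is drawn unless one is supplied, so the same password
    stored twice produces two different records.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac(ALGORITHM, password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_{ALGORITHM}${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the hash from the parameters stored in the record and compare.

    hmac.compare_digest avoids leaking how many leading bytes matched.
    """
    scheme, iterations, salt_hex, hash_hex = record.split("$")
    algorithm = scheme[len("pbkdf2_"):]
    digest = hashlib.pbkdf2_hmac(algorithm, password.encode("utf-8"),
                                 bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(digest.hex(), hash_hex)


def same_password_different_record(password: str) -> bool:
    """True when two stored records for one password differ (the salt differs)."""
    return hash_password(password) != hash_password(password)


def unsalted_md5_collides(password: str) -> bool:
    """Contrast: without a salt, two accounts sharing a password share a hash.

    md5 is used here only to illustrate a fast, unsalted scheme; it is not a
    recommendation.
    """
    first = hashlib.md5(password.encode("utf-8")).hexdigest()
    second = hashlib.md5(password.encode("utf-8")).hexdigest()
    return first == second


if __name__ == "__main__":
    stored = hash_password("root")      # what the system keeps on disk
    print("stored record:", stored)
    print("login with 'root':", verify_password("root", stored))
    print("login with 'toor':", verify_password("toor", stored))
```

Run it as a script to see a record for the password root (the article's example password) and the result of a correct and an incorrect login attempt against it.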
Actual Procedure followed
Now, if we are logged in to a server or system, we know all the hashes. How do we get the password out of them? Well, we are gonna do the same thing that we did previously, brute-force, but instead of doing it against the server we are going to brute-force against the hash we got.
We will need a tool called hashcat for this purpose.
- sudo apt install hashcat
I am assuming that you have the hash for the password.
Storing the hash
The first step is to store the hash that we got into a file.
The command for cracking the password will be
- sudo hashcat -a 0 -m 1800 -o cracked.txt hash password-file
hashcat is a pretty big tool; to use it properly you need to check the hashcat manual page.
We have passed several arguments to the hashcat command. The 1st one is -a, which is the attack mode; it's just the mode that hashcat is working in. There are several other modes that you can explore.
The 2nd argument is the hash type we are going to crack; we have to tell hashcat which type of hash we are providing. We used -m 1800, which stands for the sha512 (sha512crypt) hash type.
There are so many hash types and attack modes listed in hashcat that you can work with.
The 3rd is the file where we stored the hash of the password.
The 4th is the password list (you can specify the RockYou list as well).
As soon as you run this attack, if the password is easy, not that complex, and exists in the password file, then you are good.
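Telling hashcat the right hash type is the step that goes wrong most often, because -m has to match the format of the hash in the file. The first few characters of a crypt-style hash (the part between the dollar signs) say which algorithm produced it, and that is the check to do before picking a mode. The parser below is an added example of mine, not code from the article or from hashcat; the prefix-to-mode table is taken from the hashcat hash-mode list as I know it (500 md5crypt, 7400 sha256crypt, 1800 sha512crypt, 3200 bcrypt). The hash shown earlier in this article starts with $y$, which is yescrypt, and to my knowledge hashcat has no mode for it, so the parser records None for that prefix (an assumption on my part); -m 1800 is the mode for hashes that start with $6$. The sha512crypt and bcrypt sample values in the code are constructed placeholders, not real digests.

```python
from typing import NamedTuple, Optional

# Modular-crypt prefixes as seen in /etc/shadow, paired with hashcat -m modes.
# Mode numbers are from the hashcat hash-mode table as known to the author of
# this example; None means "no mode known to me" (assumption, not a fact from the article).
CRYPT_SCHEMES = {
    "1":  ("md5crypt", 500),
    "5":  ("sha256crypt", 7400),
    "6":  ("sha512crypt", 1800),
    "2a": ("bcrypt", 3200),
    "2b": ("bcrypt", 3200),
    "2y": ("bcrypt", 3200),
    "y":  ("yescrypt", None),
}

# The example hash from the article itself (password "root").
EXAMPLE_HASH_FROM_ARTICLE = (
    "$y$j9T$o9r4NZdkAtUEiwlpBtacE0$rOey80zoZ9lOWCfrQvp/WPaDz0TtQeM.m5/0dFScpw1"
)


class CryptHash(NamedTuple):
    scheme: str
    hashcat_mode: Optional[int]
    salt: str
    digest: str


def parse_crypt_hash(value: str) -> CryptHash:
    """Split a $id$...$salt$digest string into its fields and name the scheme."""
    value = value.strip()
    if not value.startswith("$"):
        raise ValueError("not a modular-crypt hash (no leading '$')")
    fields = value.split("$")[1:]          # drop the empty element before the first '$'
    ident = fields[0]
    if ident not in CRYPT_SCHEMES:
        raise ValueError(f"unknown scheme identifier ${ident}$")
    name, mode = CRYPT_SCHEMES[ident]
    if ident == "y":
        # yescrypt: $y$<params>$<salt>$<digest>; keep params with the salt
        _, params, salt, digest = fields
        salt = f"{params}${salt}"
    elif ident.startswith("2"):
        # bcrypt: $2b$<cost>$<22-char salt><31-char digest>
        _, cost, salt_and_digest = fields
        salt, digest = f"{cost}${salt_and_digest[:22]}", salt_and_digest[22:]
    elif len(fields) == 4 and fields[1].startswith("rounds="):
        # sha256crypt / sha512crypt with an explicit rounds= field
        _, rounds, salt, digest = fields
        salt = f"{rounds}${salt}"
    else:
        # md5crypt / sha256crypt / sha512crypt with default rounds
        _, salt, digest = fields
    return CryptHash(name, mode, salt, digest)


def mode_matches(value: str, requested_mode: int) -> bool:
    """True if the -m mode given on the hashcat command line fits this hash."""
    return parse_crypt_hash(value).hashcat_mode == requested_mode


if __name__ == "__main__":
    parsed = parse_crypt_hash(EXAMPLE_HASH_FROM_ARTICLE)
    print(f"scheme={parsed.scheme} hashcat_mode={parsed.hashcat_mode}")
    print("fits -m 1800:", mode_matches(EXAMPLE_HASH_FROM_ARTICLE, 1800))
```

Running it on the article's own hash reports yescrypt and no matching mode; a $6$ hash of the same password is what -m 1800 expects, so check the prefix of whatever you put in the hash file before you pick -m.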
We got the password which was root.
Conclusion:-
Why it is effective to crack the password offline