Using hashcat to recover your passwords


Hashcat is a password recovery tool that uses brute-force or dictionary attacks to recover passwords from hashes. It is a popular tool among cybersecurity professionals and researchers, as it is capable of cracking a wide variety of hashes and supports many different algorithms.

Hashcat is a powerful tool for cracking various types of hashes and can be used to recover password-protected zip files, documents, and WPA .pcap files. It supports over 250 different encryption modes and offers features like mask attacks, which allow users to customize their attacks. Hashcat is easy to use and can decrypt hundreds of hash types in just a few steps. It is also a multi-platform tool.

To use Hashcat, you will need to obtain a hash of the password you wish to crack and then run Hashcat with the appropriate options to perform the cracking process. Hashcat supports a wide range of options and algorithms, so it is important to familiarize yourself with the tool and its documentation before attempting to use it.

How to Install Hashcat

To install it in Ubuntu / Debian-based systems, use the following command:

apt install hashcat

Once the installation is done, we can check Hashcat’s help menu using this command:

hashcat -h

Hashcat help content

How to Work with Hashcat

Now that we know what hashing and Hashcat are, let’s start cracking some passwords.

Let’s create two hashes: A MD5 hash and a SHA1 hash for the string "password".

MD5 hash -> 5f4dcc3b5aa765d61d8327deb882cf99

SHA1 hash -> 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8

We can store these hashes under the names md5.txt and sha1.txt to use them when working with Hashcat.

To crack a password using Hashcat, here is the general syntax.

hashcat -m value -a value hashfile wordlist

Let’s dissect the syntax. We have used two flags, -m and -a . The -m flag is used to specify the hash type and the -a flag is to specify the attack mode. You can find the list of hash types and attack modes here.

Attack modes:

      0 = Straight
      1 = Combination
      3 = Brute-force
      6 = Hybrid Wordlist + Mask
      7 = Hybrid Mask + Wordlist

Straight Attack, also known as a dictionary or wordlist attack.

Combinator Attack involves the combination of two wordlists to obtain a password guess.

Brute-force Attack Brute-force attacks use masks (built-in charsets) to set the range and type of characters to be combined and used for attacks. The image below show the masks. Masks are more efficiently used after some sort of social engineering or if you have an idea of what the password could look like.

 ? | Charset
 l | abcdefghijklmnopqrstuvwxyz
 d | 0123456789
 h | 0123456789abcdef
 H | 0123456789ABCDEF
 s |  !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
 a | ?l?u?d?s
 b | 0x00 - 0xff

Mask attack is a type of password cracking technique that allows you to specify a pattern for the password being sought, rather than providing a list of possible passwords to try. This can be particularly useful when you have some information about the structure of the password but not the actual password itself.

For example, suppose you know that the password is 8 characters long and consists of only lowercase letters and numbers. You could specify a mask of "?l?l?l?l?l?l?l?l" to tell hashcat to try all possible combinations of 8 lowercase letters and numbers. This can be much more efficient than trying all possible combinations of 8 characters, because it reduces the search space by only considering passwords that match the specified pattern.

To use a mask attack in hashcat, you would specify the "-a 3" option followed by the mask pattern. For example:

hashcat -a 3 ?l?l?l?l?l?l?l?l hash.txt

This would tell hashcat to perform a mask attack using the specified mask pattern, and to try to crack the hashes in the "hash.txt" file.

Note that you can also specify possibly known characters of password, so if you remember that password was started with "alice" but you forgot for example the year or number after that password, you can use following command:

hashcat -m 0 hash.txt -a 3 alice?d?d?d?d --force


Hashing is a technique used to secure data, such as passwords, by converting it into a random string using a mathematical function. This function is irreversible, meaning that the original data cannot be obtained from the generated string. Hashcat is a tool that can be used to try to recover the original data by attempting to crack the generated string, also known as a hash.

Alvosec is Block Producer for Proton

Download wallet and earn daily staking rewards.

vote for us

Ready for Action?

Don’t hesitate to contact us if you need more information.
Let's Go!
BTC: bc1qnn4zfqqtexl4fkjk2vz6tk74sn92x326wwn0ph

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram