Hashcat

Hashcat
Hashcat
Type of	Password cracking
Developer	Jens 'atom' steube
operating system	Linux , macOS , Windows
Latest version	5.0.0 / October 28, 2018
License	MIT License
Site	hashcat.net/hashcat/

Hashcat is, according to the creators, the world's fastest password recovery tool. Until 2015, the program was proprietary, but is now released as free software . Versions are available for Linux , macOS and Windows and can be presented in variants based on CPU or GPU . Examples of hash algorithms supported by hashcats are Microsoft LM, MD4 , MD5 , SHA , Unix Crypt , MySQL, and Cisco PIX hashes.

Hashcat gained its popularity due to the flaws found by its creator in other programs that use data encryption. For example, an error was discovered in the 1Password password manager hashing scheme, which allowed selecting master passwords. ^[1] ^[2] At the moment, Hashcat is actively used for selecting WPA / WPA2 passwords, cracking passwords from MS Office, PDF, 7-Zip, RAR, TrueCrypt documents. The active development and use of Hashcat as a password cracking utility makes developers think about the security of the systems they create. ^[3]

Content

Versions

Previously, Hashcat was released in two versions:

hashcat - processor based password recovery tool
oclHashcat / cudaHashcat - a tool with graphical acceleration (OpenCL or CUDA)

With the release of hashcat v3.00, the GPU and CPU tools were combined into a single tool called hashcat v3.00. ^[4] The processor-only version is called hashcat-legacy. Both CPU and GPU are now using OpenCL.

Many of the hashcat-legacy algorithms can be cracked in a shorter time using well-documented acceleration due to the graphics processor (GPU) used in oclHashcat, cudaHashcat and hashcat v3.00 (for example, MD5, SHA1 and others). However, not all algorithms can be accelerated due to the use of GPUs (for example, bcrypt ), therefore oclHashcat / cudaHashcat cannot be considered a full-fledged replacement for hashcat-legacy.

At the moment, hashcat is available for macOS, Windows and Linux with a GPU, CPU and general support for OpenCL, which allows the use of FPGA and other accelerator cards.

Working Principle

The principle of operation of all programs that allow to crack passwords is almost the same. Utilities differ, perhaps, in the speed at which the test passwords are searched, they can also implement different algorithms for generating test passwords (attack types). The basic idea is to perform a quick search of combinations using a predetermined subset of letters / words (the so-called dictionary). A hash is calculated from each combination and compared with the original one. In the event of a match, the password is considered hacked. In the case of Hashcat, the selection is recommended on the GPU, since the graphics processor is able to go through the combinations much faster.

Types of attacks

Hashcat assumes the use of various types of attacks to achieve effective coverage of various hashes :

Brute-force attack
Mask attack
- It is considered the most effective at the moment. The idea is to use a frequency dictionary (most used passwords) to build a mask and thereby reduce the number of combinations.
- For example, combinations with a capital first letter and numbers at the end (Julia1983) are quite standard. In the case of the usual brute force, the number of combinations equals $62^{9}(13.537.086.546.263.552)$ ${\ displaystyle 62 ^ {9} (13.537.086.546.263.552)}$ combinations that would take a little more than 4 years at the usual speed for a modern GPU (100 Mega-hashes per second)
- Using the standard for many people mask (capital letter at the beginning and year at the end), a similar password could be passed for $52\cdot 26^{4}\cdot 10^{4}\;(237.627.520.000)$ ${\ displaystyle 52 \ cdot 26 ^ {4} \ cdot 10 ^ {4} \; (237.627.520.000)}$ combinations that would take about 40 minutes at the same speed of the GPU.
Attack by searching all the combinations in the dictionary ( Combinator attack )
Simple dictionary search ( Dictionary attack )
Fingerprint attack
Hybrid attack ( Hybrid attack )
Attack attack ( Permutation attack )
Rule-based attack
Attack by table search ( Table-lookup attack ), only on CPU
Brute-force attack in capital and lower case letters ( Toggle-Case attack )

The traditional Brute Force attack is considered obsolete, so the Hashcat team recommends using a masked attack as a complete replacement.

Notes

↑ Toward better Master Passwords | 1Password (eng.) . 1Password Blog (28 August 2018). The appeal date is December 13, 2018.
↑ hashcat. Support added to crack 1Password to oclHashcat-plus, 100% computed on GPU! Plus I found an exploitable design flaw http://hashcat.net/forum/thread-2238.html ... (eng.) . @hashcat (April 16, 2013). The appeal date is December 13, 2018.
↑ 1Password hashcat strong master passwords | 1Password (eng.) . 1Password Blog (16 March 2013). The appeal date is December 14, 2018.
↑ hashcat v3.00 ( Unsolved ) . hashcat.net. The appeal date is December 13, 2018.

[1] Toward better Master Passwords | 1Password (eng.) . 1Password Blog (28 August 2018). The appeal date is December 13, 2018.

[2] hashcat. Support added to crack 1Password to oclHashcat-plus, 100% computed on GPU! Plus I found an exploitable design flaw http://hashcat.net/forum/thread-2238.html ... (eng.) . @hashcat (April 16, 2013). The appeal date is December 13, 2018.

[3] 1Password hashcat strong master passwords | 1Password (eng.) . 1Password Blog (16 March 2013). The appeal date is December 14, 2018.

[4] shcat v3.00 ( Unsolved ) . hashcat.net. The appeal date is December 13, 2018.