Tip of the day

freeroute

Community Manager
Staff member
Community Manager
Super Moderator
Trusted
Feedback: 2 / 0 / 0
Joined
Dec 30, 2019
Messages
21,363
Reaction score
2,010
Credits
11,400
Utility "raw2dyna" (included in the John the Ripper package)

┌──(freeroute㉿Orion-Nebula)-[/usr/local/src/john/run]
└─$ ./raw2dyna --h
usage ./raw2dyna [options] < input > output
Options:
-d=# dyna number (-d=12 and $dynamic_12$hash$salt is used)
-a ALL hashes get $HEX$ and not simply hashes which have problems
-ls=# The salt is the leading data, and it is # bytes long
-ss=b The salt separator char is b a blank -ss= means no separator char
-hl=n The length of hash. SHA1 is 40, MD4/5 is 32, SHA256 is 64, etc
-2h=r perform a simple convert to hex. the string r is converted to $HEX$hhhh...
-2r=h perform a simple convert out of hex. the hex string h is converted to raw data
if either -2h or -2r are used, then the convert is done and the program exits
defaults are -d=12 -ss=: -hl=32

To convert any string to hexadecimal, use the -2h option:
└─$ ./raw2dyna -2h='Orion' 1 ⨯
$HEX$4f72696f6e

To convert hexadecimal string to raw data, use -2r option:
└─$ ./raw2dyna -2r='4f72696f6e'
Orion
 

freeroute

Community Manager
Staff member
Community Manager
Super Moderator
Trusted
Feedback: 2 / 0 / 0
Joined
Dec 30, 2019
Messages
21,363
Reaction score
2,010
Credits
11,400
Sample password hash encoding strings
https://openwall.info/wiki/john/sample-hashes

Sample non-hashes (to be) supported by JtR
https://openwall.info/wiki/john/sample-non-hashes?s[]=office

John The Ripper Hash Formats
http://pentestmonkey.net/cheat-sheet/john-the-ripper-hash-formats

A collection of samples for development and testing of John the Ripper and other password security auditing and password recovery tools
https://github.com/openwall/john-samples

Example hashes
https://hashcat.net/wiki/doku.php?id=example_hashes
 

freeroute

Community Manager
Staff member
Community Manager
Super Moderator
Trusted
Feedback: 2 / 0 / 0
Joined
Dec 30, 2019
Messages
21,363
Reaction score
2,010
Credits
11,400
Generate MD5 hashes, iteration 10

Command:
echo -n 'Password' | ./mdxfind -h '^MD5$' -i 10 -h '!salt,!user' -z -f /dev/null stdin 2>&1
Debug output - output all hashes, explore long hash chains
Iterations set to 10
Working on hash types: MD5
Took 0.00 seconds to read hashes
Searching through 0 unique hashes from /dev/null
Maximum hash chain depth is 0
Minimum hash length is 512 characters
Using 4 cores
MD5x01 dc647eb65e6711e155375218212b3964:Password
MD5x02 b8498ee29e56e711a268ae8cc461ae94:Password
MD5x03 d95a7c1d16d52134dafc6d1c1f9f2695:Password
MD5x04 e5e79fac774f77000a0e5c1e6404ac1b:Password
MD5x05 fe9ca65247fdfa34ae6127b9cd975017:Password
MD5x06 27024bb6ed2c5e35bb2d74fde9c27d33:Password
MD5x07 7bd582adab8f80fb1519dca257c48c25:Password
MD5x08 ddb38f338cad584aa03cccc3fff5aa27:Password
MD5x09 856a78ac57a0e6f5165d8f31d1deac19:Password
MD5x10 86b41cafc64ccec288190b1f3c97cce2:Password
 

freeroute

Community Manager
Staff member
Community Manager
Super Moderator
Trusted
Feedback: 2 / 0 / 0
Joined
Dec 30, 2019
Messages
21,363
Reaction score
2,010
Credits
11,400

Attachments

  • E9p5-c1XMAYOgAT.jpeg
    E9p5-c1XMAYOgAT.jpeg
    305.4 KB · Views: 8
Last edited:

freeroute

Community Manager
Staff member
Community Manager
Super Moderator
Trusted
Feedback: 2 / 0 / 0
Joined
Dec 30, 2019
Messages
21,363
Reaction score
2,010
Credits
11,400
tldr - short man page with example

Source: https://github.com/tldr-pages/tldr
Install: pip3 install tldr

┌──(freeroute㉿Orion-Nebula)-[~]
└─$ tldr john

john

Password cracker.
More information: https://www.openwall.com/john/.

- Crack password hashes:
john path/to/hashes.txt

- Show passwords cracked:
john --show path/to/hashes.txt

- Display users' cracked passwords by user identifier from multiple files:
john --show --users=user_ids path/to/hashes* path/to/other/hashes*

- Crack password hashes, using a custom wordlist:
john --wordlist=path/to/wordlist.txt path/to/hashes.txt

- List available hash formats:
john --list=formats

- Crack password hashes, using a specific hash format:
john --format=md5crypt path/to/hashes.txt

- Crack password hashes, enabling word mangling rules:
john --rules path/to/hashes.txt

- Restore an interrupted cracking session from a state file, e.g. `mycrack.rec`:
john --restore=path/to/mycrack.rec

┌──(freeroute㉿Orion-Nebula)-[~]
└─$ tldr hashcat

hashcat

Fast and advanced password recovery tool.
More information: https://manned.org/hashcat.

- Perform a brute-force attack (mode 3) with the default hashcat mask:
hashcat --hash-type hash_type_id --attack-mode 3 hash_value

- Perform a brute-force attack (mode 3) with a known pattern of 4 digits:
hashcat --hash-type hash_type_id --attack-mode 3 hash_value "?d?d?d?d"

- Perform a brute-force attack (mode 3) using at most 8 of all printable ASCII characters:
hashcat --hash-type hash_type_id --attack-mode 3 --increment hash_value "?a?a?a?a?a?a?a?a"

- Perform a dictionary attack (mode 0) using the RockYou wordlist of a Kali Linux box:
hashcat --hash-type hash_type_id --attack-mode 0 hash_value /usr/share/wordlists/rockyou.txt

- Perform a rule-based dictionary attack (mode 0) using the RockYou wordlist mutated with common password variations:
hashcat --hash-type hash_type_id --attack-mode 0 --rules-file /usr/share/hashcat/rules/best64.rule hash_value /usr/share/wordlists/rockyou.txt

- Perform a combination attack (mode 1) using the concatenation of words from two different custom dictionaries:
hashcat --hash-type hash_type_id --attack-mode 1 hash_value /path/to/dictionary1.txt /path/to/dictionary2.txt

- Show result of an already cracked hash:
hashcat --show hash_value
 

Attachments

  • Screenshot_2021-09-20_14-30-41.png
    Screenshot_2021-09-20_14-30-41.png
    211.6 KB · Views: 9
  • Screenshot_2021-09-20_14-31-46.png
    Screenshot_2021-09-20_14-31-46.png
    175.5 KB · Views: 9
Top