effective-computing-machine

In this tutorial, we look at GPU accelerated bruteforce!

Get started

Crack your first md5 hash in 0 seconds! which is significantly faster then within a VM or CPU alone.

What is Hashcat?

Hashcat is a popular password cracking tool designed to brute force hashes, and is commonly used to crack passwords. It enables the cracking of a specific password in multiple ways, combined with versatility and speed.

The explanation for non-technical users?

Hashcat turns readable data into a garbled state (this is a random string of fixed-length size). Hashes do not allow someone to decrypt data with a specific key, as standard encryption protocols allow. Hashcat uses precomputed dictionaries, rainbow tables and even brute-force approaches to find an effective and efficient way to crack passwords.

Why GPU over CPU?|| I would choose GPU… Heres why!

GPUs are very good at parallelising mathematical operations, which is the basis of both computer graphics and cryptography. Typically, the GPU is programmed using either CUDA or OpenCL. The reason they’re good for brute-force attacks is that they’re orders of magnitude faster than a CPU for certain operations - they aren’t intrinisically smarter.

The same operations can be done on a CPU, they just take longer.

Wordlists || Links Provided in the description!

The success rate will be 100% if you generate your crunch list and so I recommend you generate your own lists but here are a few to get you started!

We only need to look at the sources that the user included in the list:

Hashcat Install

Head over to hashcat and download the file ‘binaries’ to your downloads directory.

| hashcat | binaries | v6.2.5 | 2021.11.21 | Download | PGP |

Extract to your working directory. Use 7_Zip or WinRAR

Extract hashcat-5.1.0

Enter the directory and create x2 text files as follows

1. hash.txt "Add hashes you would like to crack."  For e.g. "e99a18c428cb38d5f260853678922e03"
2. rockyou.txt "you should have cracked hashes append here." For e.g. "abc123"

Testing

Start by generating an md5 hash using this online generator at md5hashgenerator

1. string: qwerty123
2. md5 hash: 3fc0a7acf087f549ac2b266baf94b8b1

For instance, here a free hash for qwerty.

Capture

Place the generated hash into hash.txt and save.

Open CMD as Adminstrator

cpa_2

Use the command provided below:

hashcat64.exe --help

Here is what the console should display when running hashcat:

Capture

Bruteforce attacking

Run the command below and execute!

hashcat64.exe -m 0 -a 0 hash.txt rockyou.txt

What are we executing?

To put it simply. After, a few seconds your MD5 should be cracked!

-m0 = MD5 hashes -a3 = Attack type: Brute forcing -o = output file

Cracking in 0 Seconds

In this example, the hash that was getting tested belonged to the password abc123. (The user of this password needs to update this weak password)

e99a18c428cb38d5f260853678922e03:abc123

References