Hashcat
Tools/Skills: CLI, Hashcat, Hash Types
SYNOPSIS
A file with a hashed password needs to be decoded by first identifying the type of hash and, then, using hashcat.
I identified the hash by comparing the hash in the file to a list of different hashes and what they look like. Once identified, I selected the necessary options to identify the type of hash (-m 18200) and the type of attack (-a 0), and joined those options with a list options I needed to include to slow down the command (-w 1 -u 1 --kernel-accel 1 --kernel-loops 1 --force).
SOLUTION & PROCESS
Hash Type
Compare the hash file in hash.txt (cat hash.txt) to hashes in the link provided.
In hash.txt there was a unique beginning, including an “@” symbol.
Based on the “@”, I narrowed the type down to Kerberos 5 etype 23 AS-REP
I missed that it said AS-REP, so I had to try a few of the options out before I figured out the exact type and the password.
Input correct command
hashcat -w 1 -u 1 --kernel-accel 1 --kernel-loops 1 --force -m 18200 -a 0 hash.txt password_list.txt*Many of these options were provided in instructions to slow down the command
*Identified attack type (dictionary, -a 0)
*Identified hash type (-m 18200), hash file, password file
Identify cracked password
After the password was cracked, it took me a few more minutes to figure out the answer was provided at the end of the hash in the results rather than after “Candidates #1”
PASSWORD: IluvC4ndyC4nes!
Input answer to /bin/runtoanswer
SUMMARY
Hash Type: Kerberos 5 AS-REP etype 23 AS-REP
Command: hashcat -w 1 -u 1 --kernel-accel 1 --kernel-loops 1 --force -m 18200 -a 0 hash.txt password_list.txt
Password: IluvC4ndyC4nes!
Example Prompts:
What does this command do? `-w 1 -u 1 --kernel-accel 1 --kernel-loops 1`
How do I use hashcat?
Can I use hashcat without knowing the hash type?
Last updated