SlideShare a Scribd company logo

Hash cat

Download as PPTX, PDF
S
Sreekanth Narendran

Passwords associated with hash keys, such as MD5, SHA, WHIRLPOOL, RipeMD, etc. Hashes are one-way functions —mathematical operation that is easy to perform, but very difficult to reverse engineer. Hash functions turns readable data into a random string of fixed length size. Hashes do not allow someone to decrypt data with a specific key, as standard encryption protocols allow.

Internet
1 of 16
Sreekanth N
Agenda • Introduction • How to crack Hashes • Hash cat - Features • How to crack a password via a dictionary attack • Results • Conclusion • References
Introduction • Passwords associated with hash keys, such as MD5, SHA,WHIRLPOOL, RipeMD, etc. • Hashes are one-way functions —mathematical operation that is easy to perform, but very difficult to reverse engineer. • Hash functions turns readable data into a random string of fixed length size. • Hashes do not allow someone to decrypt data with a specific key, as standard encryption protocols allow.
How to Crack Hashes • Simplest way to crack a hash is to guess the password. • Each attempt is hashed and then is compared to the actual hashed value. • Dictionary and brute-force - the most common ways of guessing passwords. • These make use of a file containing words, phrases, common passwords, and other strings that are likely to be used as a viable password.
Hash Cat Features • It is multi-threaded. • It is multi-hash and multi-OS based (Linux,Windows and OSX native binaries). • It is multi-Algorithm based (MD4, MD5, SHA1, DCC, NTLM, MySQL, etc.). • All attack-modes can be extended by specialized rules. • It is possible to resume or limit sessions automatically. They recognize recovered hashes from the dump at startup. • It can load the salt list from the external file.This can be used as a brute-force attack variant. • The number of threads can be configured and executed based on the lowest priority. • It supports both hex-charset and hex-salt files. • The 90+ Algorithm can be implemented with performance and optimization in mind.
Cracking password #1 Create a dictionary with MBD5 hashes:
Cracking password #2 Check password hashes:
Cracking password #3 Start Hashcat in Kali Linux:
Cracking password #4 Locate wordlist for cracking (Using rockyou.txt – 139.9 MB; Contains 14344385 words)
Cracking password #5 Cracking the hashes:
Hash Cat Features #5 Cracking the hashes:
Results Out of seven four passwords were cracked
Results- Brute forcing • Time to solve alphabetic passwords of various lengths Word Time(Sec onds) z 0 hj 3 hft 5 lkuh 6 ksthq 15 gjdyhi 36 0 5 10 15 20 25 30 35 40 1 2 3 4 5 6 TimeVs Password Length Alphabets Alphanumeric Word Time(Sec onds) 5 0 z4 2 $s3 4 78yh 6 dg67r 12 64dyhi 35 T I M E NO OF DIGITS
Conclusion • These passwords are weak, and it does not take much effort or time to crack them. • It is important to note that the simpler the password is, the easier it will be to detect. • Make your password into a long and complex one. • Also, avoid using obvious personal information • Never reuse passwords and • Change them regularly. Always exercise good habits when creating a password for yourself!
References • https://null-byte.wonderhowto.com/how-to/hack-like- pro-crack-passwords-part-3-using-hashcat-0156543/ • http://www.100security.com.br/revelando-hashs-com- hashcat/ • https://uwnthesis.wordpress.com/2013/08/07/kali-how- to-crack-passwords-using-hashcat/ • https://www.4armed.com/blog/hashcat-crack-md5- hashes/ • https://www.cyberpratibha.com/hashcat-tutorial-for- password-cracking/ • https://hashcat.net/hashcat/ • https://seguranca-informatica.pt/palavras-passe-e- honey-words/
Thank You

Recommended

password cracking using John the ripper, hashcat, Cain&abel
password cracking using John the ripper, hashcat, Cain&abelpassword cracking using John the ripper, hashcat, Cain&abel
password cracking using John the ripper, hashcat, Cain&abelShweta Sharma
 
John the ripper & hydra password cracking tool
John the ripper & hydra password cracking toolJohn the ripper & hydra password cracking tool
John the ripper & hydra password cracking toolMd. Raquibul Hoque
 
Jhon the ripper
Jhon the ripper Jhon the ripper
Jhon the ripper Merve Karabudağ
 
RSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key CryptographyRSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key CryptographyMd. Shafiul Alam Sagor
 
Message digest 5
Message digest 5Message digest 5
Message digest 5Tirthika Bandi
 
Cryptographic hash function md5
Cryptographic hash function md5Cryptographic hash function md5
Cryptographic hash function md5Khulna University, Khulna, Bangladesh
 
Asymmetric Cryptography
Asymmetric CryptographyAsymmetric Cryptography
Asymmetric CryptographyUTD Computer Security Group
 
Cryptography and Network Security William Stallings Lawrie Brown
Cryptography and Network Security William Stallings Lawrie BrownCryptography and Network Security William Stallings Lawrie Brown
Cryptography and Network Security William Stallings Lawrie BrownInformation Security Awareness Group
 

Recommended

password cracking using John the ripper, hashcat, Cain&abel
password cracking using John the ripper, hashcat, Cain&abelpassword cracking using John the ripper, hashcat, Cain&abel
password cracking using John the ripper, hashcat, Cain&abelShweta Sharma
 
John the ripper & hydra password cracking tool
John the ripper & hydra password cracking toolJohn the ripper & hydra password cracking tool
John the ripper & hydra password cracking toolMd. Raquibul Hoque
 
Jhon the ripper
Jhon the ripper Jhon the ripper
Jhon the ripper Merve Karabudağ
 
RSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key CryptographyRSA Algorithm - Public Key Cryptography
RSA Algorithm - Public Key CryptographyMd. Shafiul Alam Sagor
 
Message digest 5
Message digest 5Message digest 5
Message digest 5Tirthika Bandi
 
Cryptographic hash function md5
Cryptographic hash function md5Cryptographic hash function md5
Cryptographic hash function md5Khulna University, Khulna, Bangladesh
 
Asymmetric Cryptography
Asymmetric CryptographyAsymmetric Cryptography
Asymmetric CryptographyUTD Computer Security Group
 
Cryptography and Network Security William Stallings Lawrie Brown
Cryptography and Network Security William Stallings Lawrie BrownCryptography and Network Security William Stallings Lawrie Brown
Cryptography and Network Security William Stallings Lawrie BrownInformation Security Awareness Group
 
SHA- Secure hashing algorithm
SHA- Secure hashing algorithmSHA- Secure hashing algorithm
SHA- Secure hashing algorithmRuchi Maurya
 
Digital signature algorithm (de la cruz, genelyn).ppt 2
Digital signature algorithm (de la cruz, genelyn).ppt 2Digital signature algorithm (de la cruz, genelyn).ppt 2
Digital signature algorithm (de la cruz, genelyn).ppt 2YooGenelyn
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)Haris Ahmed
 
Sha
ShaSha
Shaha123
 
Ethical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolsEthical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolschrizjohn896
 
Block Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption StandardBlock Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption StandardDr.Florence Dayana
 
What is AES? Advanced Encryption Standards
What is AES? Advanced Encryption StandardsWhat is AES? Advanced Encryption Standards
What is AES? Advanced Encryption StandardsFaisal Shahzad Khan
 
Secure Hash Algorithm
Secure Hash AlgorithmSecure Hash Algorithm
Secure Hash AlgorithmVishakha Agarwal
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
Password cracking and brute force
Password cracking and brute forcePassword cracking and brute force
Password cracking and brute forcevishalgohel12195
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
Password Cracking
Password CrackingPassword Cracking
Password CrackingSagar Verma
 
Presentation on ethical hacking
Presentation on ethical hackingPresentation on ethical hacking
Presentation on ethical hackingSunny Sundeep
 
Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017TriNimbus
 
Chapter 1.ppt
Chapter 1.pptChapter 1.ppt
Chapter 1.pptssuserec53e73
 
Secure hashing algorithm
Secure hashing algorithmSecure hashing algorithm
Secure hashing algorithmKarteek Paruchuri
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & AnalysisPawandeep Kaur
 
Password craking techniques
Password craking techniques Password craking techniques
Password craking techniques أحلام انصارى
 
AES KEY EXPANSION .pptx
AES KEY EXPANSION .pptxAES KEY EXPANSION .pptx
AES KEY EXPANSION .pptxAhmudulHassan
 
Ethical Hacking Tools
Ethical Hacking ToolsEthical Hacking Tools
Ethical Hacking ToolsMultisoft Virtual Academy
 
rspamd-slides
rspamd-slidesrspamd-slides
rspamd-slidesVsevolod Stakhov
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and crackingNipun Joshi
 

More Related Content

What's hot

SHA- Secure hashing algorithm
SHA- Secure hashing algorithmSHA- Secure hashing algorithm
SHA- Secure hashing algorithmRuchi Maurya
 
Digital signature algorithm (de la cruz, genelyn).ppt 2
Digital signature algorithm (de la cruz, genelyn).ppt 2Digital signature algorithm (de la cruz, genelyn).ppt 2
Digital signature algorithm (de la cruz, genelyn).ppt 2YooGenelyn
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)Haris Ahmed
 
Ethical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolsEthical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolschrizjohn896
 
Block Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption StandardBlock Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption StandardDr.Florence Dayana
 
What is AES? Advanced Encryption Standards
What is AES? Advanced Encryption StandardsWhat is AES? Advanced Encryption Standards
What is AES? Advanced Encryption StandardsFaisal Shahzad Khan
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
Password cracking and brute force
Password cracking and brute forcePassword cracking and brute force
Password cracking and brute forcevishalgohel12195
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
Password Cracking
Password CrackingPassword Cracking
Password CrackingSagar Verma
 
Presentation on ethical hacking
Presentation on ethical hackingPresentation on ethical hacking
Presentation on ethical hackingSunny Sundeep
 
Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017TriNimbus
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & AnalysisPawandeep Kaur
 
AES KEY EXPANSION .pptx
AES KEY EXPANSION .pptxAES KEY EXPANSION .pptx
AES KEY EXPANSION .pptxAhmudulHassan
 

What's hot (20)

SHA- Secure hashing algorithm
SHA- Secure hashing algorithmSHA- Secure hashing algorithm
SHA- Secure hashing algorithm
 
Digital signature algorithm (de la cruz, genelyn).ppt 2
Digital signature algorithm (de la cruz, genelyn).ppt 2Digital signature algorithm (de la cruz, genelyn).ppt 2
Digital signature algorithm (de la cruz, genelyn).ppt 2
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)
 
Sha
ShaSha
Sha
 
Ethical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolsEthical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and tools
 
Block Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption StandardBlock Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption Standard
 
What is AES? Advanced Encryption Standards
What is AES? Advanced Encryption StandardsWhat is AES? Advanced Encryption Standards
What is AES? Advanced Encryption Standards
 
Secure Hash Algorithm
Secure Hash AlgorithmSecure Hash Algorithm
Secure Hash Algorithm
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
Password cracking and brute force
Password cracking and brute forcePassword cracking and brute force
Password cracking and brute force
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
 
Password Cracking
Password CrackingPassword Cracking
Password Cracking
 
Presentation on ethical hacking
Presentation on ethical hackingPresentation on ethical hacking
Presentation on ethical hacking
 
Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017
 
Chapter 1.ppt
Chapter 1.pptChapter 1.ppt
Chapter 1.ppt
 
Secure hashing algorithm
Secure hashing algorithmSecure hashing algorithm
Secure hashing algorithm
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & Analysis
 
Password craking techniques
Password craking techniques Password craking techniques
Password craking techniques
 
AES KEY EXPANSION .pptx
AES KEY EXPANSION .pptxAES KEY EXPANSION .pptx
AES KEY EXPANSION .pptx
 
Ethical Hacking Tools
Ethical Hacking ToolsEthical Hacking Tools
Ethical Hacking Tools
 

Similar to Hash cat

Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and crackingNipun Joshi
 
Encryption pres
Encryption presEncryption pres
Encryption presMereySovet
 
A Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing AlgorithmsA Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing AlgorithmsIRJET Journal
 
Encryption in php
Encryption in phpEncryption in php
Encryption in phpsana mateen
 
CNIT 124: Ch 9: Password Attacks
CNIT 124: Ch 9: Password AttacksCNIT 124: Ch 9: Password Attacks
CNIT 124: Ch 9: Password AttacksSam Bowne
 
Password cracking
Password crackingPassword cracking
Password crackingIlan Mindel
 
CNIT 141: 6. Hash Functions
CNIT 141: 6. Hash FunctionsCNIT 141: 6. Hash Functions
CNIT 141: 6. Hash FunctionsSam Bowne
 
Share winter 2016 encryption
Share winter 2016 encryptionShare winter 2016 encryption
Share winter 2016 encryptionbigendiansmalls
 
CNIT 141 6. Hash Functions
CNIT 141 6. Hash FunctionsCNIT 141 6. Hash Functions
CNIT 141 6. Hash FunctionsSam Bowne
 
CNIT 141: 6. Hash Functions
CNIT 141: 6. Hash FunctionsCNIT 141: 6. Hash Functions
CNIT 141: 6. Hash FunctionsSam Bowne
 
Applied cryptanalysis - everything else
Applied cryptanalysis - everything elseApplied cryptanalysis - everything else
Applied cryptanalysis - everything elseVlad Garbuz
 
Breaking out of crypto authentication
Breaking out of crypto authenticationBreaking out of crypto authentication
Breaking out of crypto authenticationMohammed Adam
 
Clamdigging: Leveraging ClamAV for Malware Analysis and Detection
Clamdigging: Leveraging ClamAV for Malware Analysis and DetectionClamdigging: Leveraging ClamAV for Malware Analysis and Detection
Clamdigging: Leveraging ClamAV for Malware Analysis and Detectionmalwareforme
 
Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011Kieon
 
Crafting tailored wordlists with Wordsmith
Crafting tailored wordlists with WordsmithCrafting tailored wordlists with Wordsmith
Crafting tailored wordlists with WordsmithSanjiv Kawa
 
Automatic tool for static analysis
Automatic tool for static analysisAutomatic tool for static analysis
Automatic tool for static analysisChong-Kuan Chen
 
REMnux tutorial-2: Extraction and decoding of Artifacts
REMnux tutorial-2: Extraction and decoding of ArtifactsREMnux tutorial-2: Extraction and decoding of Artifacts
REMnux tutorial-2: Extraction and decoding of ArtifactsRhydham Joshi
 

Similar to Hash cat (20)

rspamd-slides
rspamd-slidesrspamd-slides
rspamd-slides
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and cracking
 
Encryption pres
Encryption presEncryption pres
Encryption pres
 
A Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing AlgorithmsA Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing Algorithms
 
rspamd-fosdem
rspamd-fosdemrspamd-fosdem
rspamd-fosdem
 
Encryption in php
Encryption in phpEncryption in php
Encryption in php
 
CNIT 124: Ch 9: Password Attacks
CNIT 124: Ch 9: Password AttacksCNIT 124: Ch 9: Password Attacks
CNIT 124: Ch 9: Password Attacks
 
Password cracking
Password crackingPassword cracking
Password cracking
 
CNIT 141: 6. Hash Functions
CNIT 141: 6. Hash FunctionsCNIT 141: 6. Hash Functions
CNIT 141: 6. Hash Functions
 
Share winter 2016 encryption
Share winter 2016 encryptionShare winter 2016 encryption
Share winter 2016 encryption
 
CNIT 141 6. Hash Functions
CNIT 141 6. Hash FunctionsCNIT 141 6. Hash Functions
CNIT 141 6. Hash Functions
 
CNIT 141: 6. Hash Functions
CNIT 141: 6. Hash FunctionsCNIT 141: 6. Hash Functions
CNIT 141: 6. Hash Functions
 
Applied cryptanalysis - everything else
Applied cryptanalysis - everything elseApplied cryptanalysis - everything else
Applied cryptanalysis - everything else
 
Breaking out of crypto authentication
Breaking out of crypto authenticationBreaking out of crypto authentication
Breaking out of crypto authentication
 
Clamdigging: Leveraging ClamAV for Malware Analysis and Detection
Clamdigging: Leveraging ClamAV for Malware Analysis and DetectionClamdigging: Leveraging ClamAV for Malware Analysis and Detection
Clamdigging: Leveraging ClamAV for Malware Analysis and Detection
 
Hashing
HashingHashing
Hashing
 
Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011
 
Crafting tailored wordlists with Wordsmith
Crafting tailored wordlists with WordsmithCrafting tailored wordlists with Wordsmith
Crafting tailored wordlists with Wordsmith
 
Automatic tool for static analysis
Automatic tool for static analysisAutomatic tool for static analysis
Automatic tool for static analysis
 
REMnux tutorial-2: Extraction and decoding of Artifacts
REMnux tutorial-2: Extraction and decoding of ArtifactsREMnux tutorial-2: Extraction and decoding of Artifacts
REMnux tutorial-2: Extraction and decoding of Artifacts
 

More from Sreekanth Narendran

Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
Information Systems Control and Audit - Chapter 4 - Systems Development Manag...Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
Information Systems Control and Audit - Chapter 4 - Systems Development Manag...Sreekanth Narendran
 
Information Systems Control and Audit - Chapter 3 - Top Management Controls -...
Information Systems Control and Audit - Chapter 3 - Top Management Controls -...Information Systems Control and Audit - Chapter 3 - Top Management Controls -...
Information Systems Control and Audit - Chapter 3 - Top Management Controls -...Sreekanth Narendran
 
Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1Sreekanth Narendran
 
Transactional vs transformational leadership
Transactional vs transformational leadershipTransactional vs transformational leadership
Transactional vs transformational leadershipSreekanth Narendran
 
ECGC, Exim Bank, RBI, FEDAI, FEMA and SWIFT.
ECGC, Exim Bank, RBI, FEDAI, FEMA and SWIFT.ECGC, Exim Bank, RBI, FEDAI, FEMA and SWIFT.
ECGC, Exim Bank, RBI, FEDAI, FEMA and SWIFT.Sreekanth Narendran
 
Conducting an Information Systems Audit
Conducting an Information Systems Audit Conducting an Information Systems Audit
Conducting an Information Systems Audit Sreekanth Narendran
 

More from Sreekanth Narendran (20)

Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
Information Systems Control and Audit - Chapter 4 - Systems Development Manag...Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
 
Information Systems Control and Audit - Chapter 3 - Top Management Controls -...
Information Systems Control and Audit - Chapter 3 - Top Management Controls -...Information Systems Control and Audit - Chapter 3 - Top Management Controls -...
Information Systems Control and Audit - Chapter 3 - Top Management Controls -...
 
Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1
 
Quantum cryptography
Quantum cryptographyQuantum cryptography
Quantum cryptography
 
Nmap
NmapNmap
Nmap
 
Transactional vs transformational leadership
Transactional vs transformational leadershipTransactional vs transformational leadership
Transactional vs transformational leadership
 
ECGC, Exim Bank, RBI, FEDAI, FEMA and SWIFT.
ECGC, Exim Bank, RBI, FEDAI, FEMA and SWIFT.ECGC, Exim Bank, RBI, FEDAI, FEMA and SWIFT.
ECGC, Exim Bank, RBI, FEDAI, FEMA and SWIFT.
 
Web services for banks
Web services for banksWeb services for banks
Web services for banks
 
Virus vs worms vs trojans
Virus vs worms vs trojansVirus vs worms vs trojans
Virus vs worms vs trojans
 
Business process reengineering
Business process reengineeringBusiness process reengineering
Business process reengineering
 
Phishing
PhishingPhishing
Phishing
 
International banking
International bankingInternational banking
International banking
 
Master Data Management
Master Data ManagementMaster Data Management
Master Data Management
 
Maltego Information Gathering
Maltego Information Gathering Maltego Information Gathering
Maltego Information Gathering
 
Leadership traits
Leadership traitsLeadership traits
Leadership traits
 
Network Miner Network forensics
Network Miner Network forensicsNetwork Miner Network forensics
Network Miner Network forensics
 
Autopsy Digital forensics tool
Autopsy Digital forensics toolAutopsy Digital forensics tool
Autopsy Digital forensics tool
 
Organizational development
Organizational developmentOrganizational development
Organizational development
 
Conducting an Information Systems Audit
Conducting an Information Systems Audit Conducting an Information Systems Audit
Conducting an Information Systems Audit
 
Indigo Case study
Indigo Case study Indigo Case study
Indigo Case study
 

Recently uploaded

VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)Damian Radcliffe
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsstephieert
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsThierry TROUIN ☁
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Roomdivyansh0kumar0
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012rehmti665
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607dollysharma2066
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...aditipandeya
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
 
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on DeliveryCall Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Deliverybabeytanya
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirtrahman018755
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebJames Anderson
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 

Recently uploaded (20)

Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girls
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
 
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on DeliveryCall Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 

Hash cat

  • 2. Agenda • Introduction • How to crack Hashes • Hash cat - Features • How to crack a password via a dictionary attack • Results • Conclusion • References
  • 3. Introduction • Passwords associated with hash keys, such as MD5, SHA,WHIRLPOOL, RipeMD, etc. • Hashes are one-way functions —mathematical operation that is easy to perform, but very difficult to reverse engineer. • Hash functions turns readable data into a random string of fixed length size. • Hashes do not allow someone to decrypt data with a specific key, as standard encryption protocols allow.
  • 4. How to Crack Hashes • Simplest way to crack a hash is to guess the password. • Each attempt is hashed and then is compared to the actual hashed value. • Dictionary and brute-force - the most common ways of guessing passwords. • These make use of a file containing words, phrases, common passwords, and other strings that are likely to be used as a viable password.
  • 5. Hash Cat Features • It is multi-threaded. • It is multi-hash and multi-OS based (Linux,Windows and OSX native binaries). • It is multi-Algorithm based (MD4, MD5, SHA1, DCC, NTLM, MySQL, etc.). • All attack-modes can be extended by specialized rules. • It is possible to resume or limit sessions automatically. They recognize recovered hashes from the dump at startup. • It can load the salt list from the external file.This can be used as a brute-force attack variant. • The number of threads can be configured and executed based on the lowest priority. • It supports both hex-charset and hex-salt files. • The 90+ Algorithm can be implemented with performance and optimization in mind.
  • 6. Cracking password #1 Create a dictionary with MBD5 hashes:
  • 9. Cracking password #4 Locate wordlist for cracking (Using rockyou.txt – 139.9 MB; Contains 14344385 words)
  • 12. Results Out of seven four passwords were cracked
  • 13. Results- Brute forcing • Time to solve alphabetic passwords of various lengths Word Time(Sec onds) z 0 hj 3 hft 5 lkuh 6 ksthq 15 gjdyhi 36 0 5 10 15 20 25 30 35 40 1 2 3 4 5 6 TimeVs Password Length Alphabets Alphanumeric Word Time(Sec onds) 5 0 z4 2 $s3 4 78yh 6 dg67r 12 64dyhi 35 T I M E NO OF DIGITS
  • 14. Conclusion • These passwords are weak, and it does not take much effort or time to crack them. • It is important to note that the simpler the password is, the easier it will be to detect. • Make your password into a long and complex one. • Also, avoid using obvious personal information • Never reuse passwords and • Change them regularly. Always exercise good habits when creating a password for yourself!
  • 15. References • https://null-byte.wonderhowto.com/how-to/hack-like- pro-crack-passwords-part-3-using-hashcat-0156543/ • http://www.100security.com.br/revelando-hashs-com- hashcat/ • https://uwnthesis.wordpress.com/2013/08/07/kali-how- to-crack-passwords-using-hashcat/ • https://www.4armed.com/blog/hashcat-crack-md5- hashes/ • https://www.cyberpratibha.com/hashcat-tutorial-for- password-cracking/ • https://hashcat.net/hashcat/ • https://seguranca-informatica.pt/palavras-passe-e- honey-words/