-
Notifications
You must be signed in to change notification settings - Fork 162
/
Copy pathnaive-hashcat.sh
executable file
·57 lines (48 loc) · 2.32 KB
/
naive-hashcat.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
#!/bin/bash
HASH_FILE="${HASH_FILE:-hashcat-3.6.0/example0.hash}"
POT_FILE="${POT_FILE:-hashcat.pot}"
HASH_TYPE="${HASH_TYPE:-0}"
# WEIGHT="${WEIGHT:-"medium"}" # light, medium, heavy
# check OSX
if [ "$(uname)" == 'Darwin' ] ; then
if [ -f hashcat-src/hashcat ] ; then
HASHCAT="./hashcat-src/hashcat"
else
echo "You are running naive-hashcat on a MacOS/OSX machine but have not yet built the hashcat binary."
echo "Please run ./build-hashcat-osx.sh and try again."
exit 1
fi
# check Linux
elif [ "$(uname)" == 'Linux' ] ; then
if [ $(uname -m) == 'x86_64' ]; then
HASHCAT="./hashcat-3.6.0/hashcat64.bin"
else
HASHCAT="./hashcat-3.6.0/hashcat32.bin"
fi
# check Windows
elif [ "$(uname)" == 'MINGW64_NT-10.0' ] ; then
if [ $(uname -m) == 'x86_64' ]; then
HASHCAT="./hashcat-3.6.0/hashcat64.exe"
else
HASHCAT="./hashcat-3.6.0/hashcat32.exe"
fi
fi
# LIGHT
# DICTIONARY ATTACK-----------------------------------------------------------------------
# begin with a _very_ simple and naive dictionary attack. This is blazing fast and
# I've seen it crack ~20% of hashes
"$HASHCAT" -m "$HASH_TYPE" -a 0 "$HASH_FILE" dicts/rockyou.txt --potfile-path "$POT_FILE"
# DICTIONARY ATTACK WITH RULES------------------------------------------------------------
# now lets move on to a rule based attack, d3ad0ne.rule is a great one to start with
"$HASHCAT" -m "$HASH_TYPE" -a 0 "$HASH_FILE" dicts/rockyou.txt -r hashcat-3.6.0/rules/d3ad0ne.rule --potfile-path "$POT_FILE"
# rockyou is pretty good, and not too slow
"$HASHCAT" -m "$HASH_TYPE" -a 0 "$HASH_FILE" dicts/rockyou.txt -r hashcat-3.6.0/rules/rockyou-30000.rule --potfile-path "$POT_FILE"
# MEDIUM
# dive is a great rule file, but it takes a bit longer to run, so we will run it after d3ad0ne and rockyou
"$HASHCAT" -m "$HASH_TYPE" -a 0 "$HASH_FILE" dicts/rockyou.txt -r hashcat-3.6.0/rules/dive.rule --potfile-path "$POT_FILE"
# HEAVY
# MASK ATTACK (BRUTE-FORCE)---------------------------------------------------------------
"$HASHCAT" -m "$HASH_TYPE" -a 3 "$HASH_FILE" hashcat-3.6.0/masks/rockyou-1-60.hcmask --potfile-path "$POT_FILE"
# COMBINATION ATTACK----------------------------------------------------------------------
# this one can take 12+ hours, don't use it by default
# "$HASHCAT" -m "$HASH_TYPE" -a 1 "$HASH_FILE" dicts/rockyou.txt dicts/rockyou.txt --potfile-path "POT_FILE"