The new version of Hashcat 6.0.0 has already been released and in it highlights a new interface, a new API, support for CUDA and more. For those who are unfamiliar with Hascat, they should know that this is a software that allows the recovery of passwords from the hash.
Hashcat is the first and only GPGPU-based rule engine dthe world and is available for Linux, OSX and Windows at no cost.
It comes in 2 variants.
- CPU based
- GPU-based
The system lets take a hash string and compare it to a precalculated list of values using threads and executing if possible on the graphic processing unit for parallel processing.
There is no difference when passing commands to Hashcat because automatically use the best method to crack passwords, either CPU or GPU, depending on what graphics driver you have installed or not.
Hashcat is fast and extremely flexible: the writer did it in such a way as to allow for distributed cracking. I highly recommend Hashcat over Pyrit for its flexibility.
Hascat supports five types of attacks and supports more than 300 algorithms password hashes optimized. Selection calculations can be parallelized using all available computing resources in the system, including the use of vector instructions from a CPU, GPU, and other hardware accelerators that support OpenCL or CUDA.
Of the supported attack types, the ones that stand out the most are:
- Dictionary-based attack
- Brute force attack / mask
- Hybrid Dict + Mask
- Hybrid mask + dict
- Permutation attack
- Rules-based attack
- Lever case attack
These are also just a few. Hashcat supports too many algorithms to decrypt hashes. It is possible to create a distributed selection network. The project code is distributed under the MIT license.
What's new in Hashcat 6.0.0?
In this new version, the new interface to connect plugins is highlighted That allows him create modular hashing modes, the new backend API compute to use compute backends other than OpenCL.
Another change that stands out in the new version is the improved support for CUDA and GPU emulation mode, which allows you to use core computer code (OpenCL) on the CPU.
The performance of many algorithms has been increasedFor example, bcrypt 45.58%, NTLM 13.70%, WPA / WPA2 13.35%, WinZip 119.43%.
In addition to the automatic tuning system, taking into account the available resources, has been expanded and also the improved GPU memory and thread management.
We also cannot leave out the new algorithms added, which in this new version 51 were added:
- AES Crypto (SHA256)
- android-backup
- AuthMe sha256
- BitLocker
- BitShares v0.x
- Blockchain, My Wallet, Second Password (SHA256)
- Citrix NetScaler (SHA512)
- DiskCryptor
- Electrum Wallet (Salt-Type 3-5)
- Huawei Router sha1 (md5 ($ pass). $ Salt)
- Java Object hashCode ()
- Kerberos 5 Pre-Auth type 17 (AES128-CTS-HMAC-SHA1-96)
- Kerberos 5 Pre-Auth type 18 (AES256-CTS-HMAC-SHA1-96)
- Kerberos 5 TGS-REP etype 17 (AES128-CTS-HMAC-SHA1-96)
- Kerberos 5 TGS-REP etype 18 (AES256-CTS-HMAC-SHA1-96)
- MultiBit Classic .key (MD5)
- MultiBit HD (scrypt)
- MySQL $ A $ (sha256crypt)
- Open Document Format (ODF) 1.1 (SHA-1, Blowfish)
- Open Document Format (ODF) 1.2 (SHA-256, AES)
- Oracle Transportation Management (SHA256)
- PKZIP archive encryption
- PKZIP Master Key
- Python passlib pbkdf2-sha1
- Python passlib pbkdf2-sha256
- Python passlib pbkdf2-sha512
- QNX / etc / shadow (MD5)
- QNX / etc / shadow (SHA256)
- QNX / etc / shadow (SHA512)
- Red Hat 389-DS LDAP (PBKDF2-HMAC-SHA256)
- Ruby on Rails Restful-Authentication
- SecureZIP AES-128
- SecureZIP AES-192
- SecureZIP AES-256
- SolarWinds Orion
- Telegram Desktop App Passcode (PBKDF2-HMAC-SHA1)
- Telegram Mobile App Passcode (SHA256)
- web2py pbkdf2-sha512
- WPA-PBKDF2-PMKID + EAPOL
- WPA-PMK-PMKID + EAPOL
- md5 ($ salt.sha1 ($ salt. $ pass))
- md5 (sha1 ($ pass) .md5 ($ pass) .sha1 ($ pass))
- md5 (sha1 ($ salt) .md5 ($ pass))
- sha1 (md5 (md5 ($ pass)))
- sha1 (md5 ($ pass. $ salt))
- sha1 (md5 ($ pass). $ salt)
- sha1 ($ salt1. $ pass. $ salt2)
- sha256 (md5 ($ pass))
- sha256 ($ salt. $ pass. $ salt)
- sha256 (sha256_bin ($ pass))
- sha256 (sha256 ($ pass). $ salt)
Finally, if you want to know more about it, you can check the details of the new version in the statement. The link is this.
How to install Hashcat on Linux?
For those interested in being able to install this new version, they can get the source code for their compilation or the binary packages from their official Web site.
Although we can also find the package inside most Linux distributions.
To do this, you just have to search for the package with your package manager and then perform the installation.
For example, in Debian, Ubuntu and derived distributions we can install the package by executing:
sudo apt install hashcat
Or on Arch Linux and derivatives with:
sudo pacman -S hashcat