https://DevOpsCloud.io -- Cloud Monk Losang Jinpa

Return to Red Team Tools, Red Team or Password cracking

“Red team members and penetration testers need to know how to crack passwords with different password cracking techniques. In this course, Credential Access with Hashcat, you will learn about Hashcat, the number one offline password cracker. First, you will see how to launch a dictionary attack using Hashcat. Next, you will discover how you can crack more passwords when you launch a dictionary attack with a rule. Then, you will learn how to launch a dictionary attack with a mask, also known as a hybrid attack). Finally, you will explore how to use Hashcat to crack password-protected PDF and password-protected DOCX files. By the end of this course, you will know how to use Hashcat to crack passwords with different password cracking techniques.”

Fair Use Source: https://app.pluralsight.com/library/courses/credential-access-hashcat/description

By Dawid Czagan - @dawidczagan - SECURITY INSTRUCTOR

Credential Access with Hashcat

Creator of Hashcat: Jens Steube

• Hashcat is the no. 1 offline password cracker.

• “It supports different password cracking techniques and many hash algorithms. What's more – it supports CPUs], GPUs, and other hardware accelerators on Linux, Windows, and macOS.

• Hashcat is available at https://hashcat.net

• You can use Hashcat to launch:
  • dictionary attack
  • dictionary attack with a rule
  • dictionary attack with a mask

• You can use Hashcat to crack password protected PDF and DOCX files

• Kill Chain
  • Recon
  • Exploit
  • Escalate
  • Lateral Movement Action
  • Evade

• Hashcat is between the Exploit and the Escalate stages of the [Kill Chain

• Red Team Kill Chain
  • Red Team Recon
  • Red Team Exploit
  • Red Team Escalate
  • Red Team Lateral Movement Action
  • Red Team Evade

• MITRE ATT&CK Tactics:
  • Initial Access
  • Execution
  • Persistence
  • Privilege Escalation
  • Defense Evasion
  • Credential Access
  • Discovery
  • Lateral Movement
  • Collection
  • Command & Control
  • Exfiltration
  • Impact

• MITRE ATT&CK Tactics:
  • Red Team Initial Access
  • Red Team Execution
  • Red Team Persistence
  • Red Team Privilege Escalation
  • Red Team Defense Evasion
  • Red Team Credential Access
  • Red Team Discovery
  • Red Team Lateral Movement
  • Red Team Collection
  • Red Team Command & Control
  • Red Team Exfiltration
  • Red Team Impact

In MITRE ATT&CK Tactics, Hashcat is used for Red Team Credential Access with a T1110 Brute Force attack.

• https://hashcat.net
• pdf2john.pl, office2john.py (John the Ripper) - https://www.openwall.com/john
• Dictionaries and Probable Wordlists - https://github.com/berzerk0/Probable-Wordlists
• Electronic Frontier Foundation - https://www.eff.org/pl/deeplinks/2016/07/new-wordlists-random-passphrases