is a really important topic in ethical hacking. When comes to hackers, the first thing people think of is cracking a great number of passwords, which proves to be true. It may be website dump hashes, data breach hashes, wifi WPA2 hashes, or windows NTLM hashes, etc. Password cracking For all these passwords, here are tips on how you can be the most resourceful, accurate, and efficient when cracking a password. Topics to Cover Tools Required How to Set Up a Cloud Server Password Files OSINT in Password Cracking How to Protect Yourself Tools required The most important of all tools is - a free cross-platform password cracking utility that can crack thousands of passwords in just a few seconds. It is fast and accurate. hashcat The second tool is - a medium to transfer files from our cloud cracking server to our main hacking machine. git The third tool is . It's a python tool that does a great job in identifying the hash we are working with and with all these tools you also need high-speed internet. hashidentifier.py These are the tools and programs required to complete this process. Other than the above software requirements, we also need a cloud server such as or . Google Cloud Linode server How to Set Up a Cloud Server You might be asking: Why do we need a cloud server for password cracking? Because they tend to be really fast. Due to being mostly command lines, they don't have other background apps running which makes them easier and cost-effective to work with. Other than that, you can choose the level of CPU, graphics card power, and the amount of storage you want. I would recommend at least medium-sized storage, a powerful CPU, a graphics card, and around 4-8 GB of RAM. For all that you simply require a cloud worker setting. Select in the dashboard in case you are in Google Cloud or in Linode. Create VM example The cost of these VM stands anywhere from $5-10 per year. That's very cheap for a super high power system with great features which comes both in Linode and Google server. Both server providers provide a $100 credit for a year and this makes it free for you to use for 1 year and then $5 per month after. The expense of these VM stands somewhere in the range of $5-10 every year. That is exceptionally modest for a very high force framework with incredible provisions which comes both in Linode and Google worker. Both worker suppliers give a $100 credit to a year and this makes it free for you to use for 1 year, and afterwards $5 for each month after. Once you have your instance ready, . copy-paste the following command To get an update and upgrade to the latest Sudo apt update && upgrade Install hashcat, git & python3 Sudo apt install git 
Sudo apt install hashcat 
Sudo apt install python3 Once everything is installed and working well, the following repo for the hash identifier. git clone Git clone https://github.com/blackploit/hash-identifier Once git is cloned now you can use this like a password cracking utility. However, there is a catch. You don't have a password file to do that. Password files For a password file, there are different options. If you know the person's personal details and want to crack the password using those details, you can use a and a . Alternatively, you can use a that picks out all the password combinations for all types of password crackers. cupp program python tool sequenced password generator Installing cupp: Git clone https://github.com/Mebus/cupp Code for sequenced password generator: #python3

import random
import itertools

#+---------------------------------------------------+
#|welcome to a custom synchronised password generator|
#+---------------------------------------------------+
#<===============[Made by Morpheuslord]==============>
#              twitter= @morpheuslord2
#        email= morpheuslord@protonmail.com

Range_1 = int(input("enter your password range: "))
Range_2 = Range_1 + 1

lower="abcdefghijklmnopqrstuvwxyz"
upper="ABCDEFGHIJKLMNOPQRSTUVWXYZ"
numbers="0123456789"
symbols="!@$%^&*{[()]}<>"

def guess_password(real):
    chars =  lower+upper+numbers+symbols
    attempts = 0
    #enter the range of your password the range your password
    #the range of passwords you want a list of
    for password_length in range(Range_1 , Range _2):
        for guess in itertools.product(chars, repeat=password_length):
            attempts += 1
            guess = ''.join(guess)
            if guess == real:
                return 'password is {}. found in {} guesses.'.format(guess, attempts)
            print(guess)
#enter a random password or enter '>>' with the corresponding
#password length for getting the most possible
#password combination
print(guess_password('>'))
#The password file wont be generated until you use it on windows or linux 
#currospondingly In the print(guess_password()) You need to enter the > symbols according to your range. If your range is 11, there must be 11 symbols in single quotes in the brackets. OSINT in password cracking To achieve the most in password cracking, you need to do some OSINT or open-sourced intelligence which is cracking all the information about the target 🎯 to get the most out of it. For eg:- If you have a password hash and want to crack it and if you need to check how many password characters there are in the login of the network. For that, if you have an Android then when you are entering the password input check for the join button. Once you meet the password length criteria the join button turns green for joining it so using that you can determine the length of the password and it makes things super easy to work with. There is another scenario for this case if you are cracking a hash and you know the format of the password like a 4 digit letter and 2 digit password and 1 special character then you can use hashcat to do a mask attack which is a Brute force attack with a lot of new features. How to Protect Yourself As an average person using the internet for your daily work, you must consider keeping a password with a minimum of 11 characters to 15 characters and never reveal the actual character count to anyone else. Then enable 2-factor authentication and use all the ways you can use to safeguard your account. In an enterprise environment, this is a big thing as from one employee account you can actually access a lot of data which can affect the company’s privacy and security issues, potentially leading to a huge loss. Follow Me Follow my Twitter account for the latest updates Twitter - @morpheuslord2 Instagram - @morpheuslord_9034 Email me - morpheuslord@protonmail.com

Google

Instagram

Super

Target

Twitter

How to Hack Wifi Like a Pro Hacker

All the Methods You Can Use to Hack into a Website

Personal Website

LinkedIn

HuggingFace

Github

Cybersecurity Engineer Intern

Researcher & Developer

Offensive Security Engineer Intern

CyberSecurity Engineer

Too Long; Didn't Read

How to Crack a Password Using Hashcat

How to Crack a Password Using Hashcat

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

All the Methods You Can Use to Hack into a Website

Windows Sticky Keys Exploit: The War Veteran That Never Dies

06/02/2018: Biggest Stories in the Cryptosphere

0-Days are on the Rise and that Means a Lot More Work for SOC Teams

Time Bombs Inside Software: 0-Day Log4Shell is Just the Tip of The Iceberg

The Noonification: How the Liver Transplant System Changed Forever (11/25/2023)

All the Methods You Can Use to Hack into a Website

Windows Sticky Keys Exploit: The War Veteran That Never Dies

06/02/2018: Biggest Stories in the Cryptosphere

0-Days are on the Rise and that Means a Lot More Work for SOC Teams

Time Bombs Inside Software: 0-Day Log4Shell is Just the Tip of The Iceberg

The Noonification: How the Liver Transplant System Changed Forever (11/25/2023)

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps