12-26-2017, 10:39 PM
So... I have been messing around with Hashcat for a pretty long time but I'm still pretty new to it. I realized that when I try and run an hccapx file with the mode -m 2500 (Network File) against like a 3 GB word list file, Hashcat say that it will take around 6 to 9 days to finish the session. But, if I would run the same 3 GB word list file against just regular hashes it would only take Hashcat around 3 to 4 minutes to run the file against the hashes. This is when it all started for me, I wanted to learn how to extract the hashes out of my hccapx file and put them into a .txt file so that Hashcat would run my 3 GB word list SIGNIFICANTLY faster. FINALLY after weeks upon weeks of studying hashcat's -h options, I found a command called --left which inserts the hashes that have not been cracked yet into your output file. The hashes looked like this:
653fe25d4c21eaed4feb2d5935b0e0f0:7cbfb1e65f20:fce998b58833Network Name)
791d684e8a5a1660634d13595266738e:7cbfb1e65f20:fce998b58833Network Name)
4ffee957a31e1e3c1906207758237fbc:7cbfb1e65f20:6452995ee1fcNetwork Name)
f1610b143845bae384b9a8d35a6e05a2:7cbfb1e65f20:6452995ee1fcNetwork Name)
So after I got these hashes I took out where the Network Name was so that the hashes looked like this:
653fe25d4c21eaed4feb2d5935b0e0f0:7cbfb1e65f20:fce998b58833
The first command I tried was something like this:
Hashcat -a 0 -m 2500 /root/Folder/hashes.txt -o /root/Folder/recoveredpasswordhere.txt
All it brought up was "invalid hccapx signutare" Also just for the recored I have tried all of these methods with hashes that looked like this:
653fe25d4c21eaed4feb2d5935b0e0f0:7cbfb1e65f20:fce998b58833
And This
653fe25d4c21eaed4feb2d5935b0e0f07cbfb1e65f20fce998b58833
Without the Semicolons (Just in case)
So after I figured that I couldn't run the network hashes with the mode 2500 anymore I tried many more approaches.
I tried running it with Hashcat thinking that they were Raw MD5 Hashes, Sha-1 Hashes, you name the Hash, I guarantee you I tried it. The next thing I tried was just typing in the whole hash with Semicolons into a hash identifier, everything said that it was an invalid hash or unknown hash type and so on, then i tried the same thing without the semicolons and it said MD5 so I tried running everything MD5 against it and nothing came up. Just keep in mind that I know what the wifi password is and I knew that the wifi password was in that 3 GB Wordlist. Anyway though Hashcat just kept saying that it was running the Wordlist against the hashes, it just kept on coming up with no result. So I then tried just running the first parts of the Semicolons,
So it went from this:
653fe25d4c21eaed4feb2d5935b0e0f0:7cbfb1e65f20:fce998b58833
To this
653fe25d4c21eaed4feb2d5935b0e0f0
And hash identifiers said that it was an MD5 hash
So I did the same thing and came up with the same results. Can someone please help me resolve on how to crack this hash!
653fe25d4c21eaed4feb2d5935b0e0f0:7cbfb1e65f20:fce998b58833Network Name)
791d684e8a5a1660634d13595266738e:7cbfb1e65f20:fce998b58833Network Name)
4ffee957a31e1e3c1906207758237fbc:7cbfb1e65f20:6452995ee1fcNetwork Name)
f1610b143845bae384b9a8d35a6e05a2:7cbfb1e65f20:6452995ee1fcNetwork Name)
So after I got these hashes I took out where the Network Name was so that the hashes looked like this:
653fe25d4c21eaed4feb2d5935b0e0f0:7cbfb1e65f20:fce998b58833
The first command I tried was something like this:
Hashcat -a 0 -m 2500 /root/Folder/hashes.txt -o /root/Folder/recoveredpasswordhere.txt
All it brought up was "invalid hccapx signutare" Also just for the recored I have tried all of these methods with hashes that looked like this:
653fe25d4c21eaed4feb2d5935b0e0f0:7cbfb1e65f20:fce998b58833
And This
653fe25d4c21eaed4feb2d5935b0e0f07cbfb1e65f20fce998b58833
Without the Semicolons (Just in case)
So after I figured that I couldn't run the network hashes with the mode 2500 anymore I tried many more approaches.
I tried running it with Hashcat thinking that they were Raw MD5 Hashes, Sha-1 Hashes, you name the Hash, I guarantee you I tried it. The next thing I tried was just typing in the whole hash with Semicolons into a hash identifier, everything said that it was an invalid hash or unknown hash type and so on, then i tried the same thing without the semicolons and it said MD5 so I tried running everything MD5 against it and nothing came up. Just keep in mind that I know what the wifi password is and I knew that the wifi password was in that 3 GB Wordlist. Anyway though Hashcat just kept saying that it was running the Wordlist against the hashes, it just kept on coming up with no result. So I then tried just running the first parts of the Semicolons,
So it went from this:
653fe25d4c21eaed4feb2d5935b0e0f0:7cbfb1e65f20:fce998b58833
To this
653fe25d4c21eaed4feb2d5935b0e0f0
And hash identifiers said that it was an MD5 hash
So I did the same thing and came up with the same results. Can someone please help me resolve on how to crack this hash!