# Introduction to Hashcat

- well-known password cracking tool for Linux, Windows, and macOS
- supports GPUs
- supports multiple attack (cracking) modes which can be used to efficiently attack password hashes

```bash
# general syntax
hashcat -a 0 -m 0 <hashes> [wordlist, rule, ...]
# -a flag specifies an attack mode
# -m flag specifies a hash mode (autodetection by default)
# <hashes> can be a string or a file
```

## Hash Modes

- hashcat attempts to autodetect the hash mode
- otherwise `hashcat -hh` shows common hash modes

![[images/Pasted image 20251006101250.png]]

```bash
# identify hashcat mode for a hash
hashid -m '<hash>'
```

## Attack Modes

- straight attack (`-a 0`) mode is a dictionary attack

![[images/Pasted image 20251006101210.png]]

- hashcat rules can be used to perform specific modifications to passwords to generate even more guesses
- specify a rule with the `-r` flag
- see `/usr/share/hashcat/rules`

![[images/Pasted image 20251006101632.png]]

```bash
hashcat -a 0 -m 0 <hash> /usr/share/wordlists/rockyou.txt -r /usr/share/hashcat/rules/best66.rule
```

- brute-force mode (`-a 3`) can leverage a mask attack by specifying the keyspace

|Symbol|Charset|
|---|---|
|?l|abcdefghijklmnopqrstuvwxyz|
|?u|ABCDEFGHIJKLMNOPQRSTUVWXYZ|
|?d|0123456789|
|?h|0123456789abcdef|
|?H|0123456789ABCDEF|
|?s|«space»!"#$%&'()\*+,-./:;<=>?@[\\]^\_\`{\|}~|
|?a|?l?u?d?s|
|?b|0x00 - 0xff|

```bash
# use a mask including an uppercase letter, followed by four lowercase letters, a digit, and then a symbol
hashcat -a 3 -m 0 <hash> '?u?l?l?l?l?d?s'
```
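
The charset table also lets you work out how large the keyspace behind a mask is, which is the number that matters when judging how much protection a password pattern gives. The Python below is an added example, not part of the original notes: the function names and the 1e9 guesses-per-second rate are assumptions for illustration, and custom charsets (`?1`-`?4`) are not handled.

```python
"""Keyspace size of a hashcat mask; built-in charsets only (added example)."""

# Charset sizes taken from the symbol table above.
CHARSET_SIZES = {
    "l": 26, "u": 26, "d": 10,   # lowercase, uppercase, digits
    "h": 16, "H": 16,            # hex digits, lower and upper case
    "s": 33,                     # space plus 32 ASCII symbols
    "a": 95,                     # ?l?u?d?s = 26 + 26 + 10 + 33
    "b": 256,                    # 0x00 - 0xff
}


def mask_positions(mask):
    """Return the number of candidate characters at each mask position."""
    sizes = []
    i = 0
    while i < len(mask):
        if mask[i] != "?":
            sizes.append(1)              # literal character: one candidate
            i += 1
            continue
        if i + 1 >= len(mask):
            raise ValueError("mask ends with a dangling '?'")
        token = mask[i + 1]
        if token == "?":
            sizes.append(1)              # '??' is a literal question mark
        elif token in CHARSET_SIZES:
            sizes.append(CHARSET_SIZES[token])
        else:
            raise ValueError("unsupported placeholder ?" + token)
        i += 2
    return sizes


def keyspace(mask):
    """Total number of candidates the mask generates."""
    total = 1
    for n in mask_positions(mask):
        total *= n
    return total


if __name__ == "__main__":
    rate = 1e9  # assumed guesses per second, for illustration only
    for mask in ("?u?l?l?l?l?d?s", "?a?a?a?a?a?a?a"):
        n = keyspace(mask)
        print(f"{mask}: {n:,} candidates, {n / rate:,.1f} s at {rate:.0e}/s")
```

The mask from the notes covers about 3.9 billion candidates, while seven unconstrained `?a` positions cover roughly 18,000 times more, which shows how much a predictable "Capital, lowercase, digit, symbol" pattern shrinks the search space.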