Hashcat Cheat Blatt
Überblick
Hashcat ist das weltweit schnellste und fortschrittlichste Passwort-Recovery-Tool, um die Rechenleistung moderner CPUs und GPUs für leistungsstarke Passwort-Cracking und Sicherheits-Auditing zu nutzen. Hashcat wurde als Nachfolger traditioneller CPU-basierter Passwort-Cracker entwickelt und revolutioniert Passwort-Sicherheitstests, indem die parallelen Verarbeitungsfunktionen von Grafikkarten genutzt werden, um beispiellose Rißgeschwindigkeiten zu erreichen. Das Tool unterstützt über 300 Hash-Algorithmen und Angriffsmodi, so dass es die umfassendste Passwort-Recovery-Plattform für Sicherheitsexperten, Penetrationsprüfer und Forscher, die Kennwort-Richtlinien-Bewertungen und Sicherheitsaudits durchführen.
Die Kernkraft von Hashcat liegt in seiner ausgeklügelten GPU-Beschleunigungsarchitektur, die die Kraft mehrerer Grafikkarten gleichzeitig nutzen kann, um Milliarden von Passwörtern pro Sekunde durchzuführen. Diese massive Rechenfähigkeit, kombiniert mit intelligenten Angriffsoptimierungsalgorithmen, ermöglicht Hashcat, komplexe Passwörter zu knacken, die unpraktisch mit traditionellen CPU-basierten Werkzeugen angreifen würden. Die Plattform unterstützt alle großen GPU-Anbieter einschließlich NVIDIA CUDA und AMD OpenCL, optimiert automatisch die Leistung für verfügbare Hardware-Konfigurationen und bietet detaillierte Leistungskennzahlen für die Kapazitätsplanung und Angriffsoptimierung.
Hashcats erweitertes Feature-Set umfasst mehrere Angriffsmodi, von Wörterbuchangriffen und regelbasierten Transformationen bis hin zu anspruchsvollen Maskenangriffen und Hybrid-Kombinationen. Die modulare Architektur des Tools unterstützt kundenspezifische Regelentwicklung, verteiltes Computing über mehrere Systeme und Integration mit externen Wortlistengeneratoren und Vorverarbeitungswerkzeugen. Hashcat bietet mit seinem umfassenden Sitzungsmanagement, der detaillierten Fortschrittsberichte und umfangreichen Anpassungsoptionen sowohl automatisierte Passwortprüfungsfunktionen als auch feinkörnige Kontrolle für spezialisierte Sicherheitsforschungsanwendungen. Die aktive Entwicklungsgemeinschaft der Plattform und die kontinuierliche Optimierung der aufstrebenden Hardware-Architekturen sorgen dafür, dass sie an der Spitze der Passwort-Sicherheitstesttechnologie bleibt.
Installation
Ubuntu/Debian Installation
Installation von Hashcat auf Ubuntu/Debian-Systemen:
```bash
Update system packages
sudo apt update && sudo apt upgrade -y
Install Hashcat from repositories
sudo apt install -y hashcat
Install additional dependencies
sudo apt install -y opencl-headers ocl-icd-opencl-dev
Install GPU drivers for optimal performance
For NVIDIA GPUs:
sudo apt install -y nvidia-driver-470 nvidia-opencl-dev
For AMD GPUs:
sudo apt install -y mesa-opencl-icd
Verify installation
hashcat --version hashcat --benchmark
Install latest version from source
sudo apt install -y git build-essential git clone https://github.com/hashcat/hashcat.git cd hashcat make sudo make install
Verify GPU detection
hashcat -I ```_
CentOS/RHEL Installation
```bash
Install EPEL repository
sudo yum install -y epel-release
Install development tools
sudo yum groupinstall -y "Development Tools"
Install dependencies
sudo yum install -y opencl-headers ocl-icd-devel
Install GPU drivers
For NVIDIA:
sudo yum install -y nvidia-driver nvidia-opencl
Build from source
git clone https://github.com/hashcat/hashcat.git cd hashcat make sudo make install
Verify installation
hashcat --version hashcat -I ```_
Windows Installation
```bash
Download pre-compiled binaries
https://hashcat.net/hashcat/
Extract to desired location
Example: C:\hashcat
Install GPU drivers
NVIDIA: Download from nvidia.com
AMD: Download from amd.com
Add to PATH environment variable
System Properties > Environment Variables
Add C:\hashcat to PATH
Verify installation
hashcat.exe --version hashcat.exe -I
Alternative: Install with Chocolatey
choco install hashcat ```_
macOS Installation
```bash
Install using Homebrew
brew install hashcat
Install GPU support (limited on macOS)
Metal performance shaders for Apple Silicon
Verify installation
hashcat --version hashcat -I
Build from source for latest features
brew install git git clone https://github.com/hashcat/hashcat.git cd hashcat make sudo make install ```_
Docker Installation
Running Hashcat in Docker mit GPU-Unterstützung:
```bash
Create Dockerfile for Hashcat
cat > Dockerfile.hashcat << 'EOF' FROM nvidia/cuda:11.8-devel-ubuntu22.04
Install dependencies
RUN apt-get update && apt-get install -y \ git \ build-essential \ opencl-headers \ ocl-icd-opencl-dev \ && rm -rf /var/lib/apt/lists/*
Clone and build Hashcat
RUN git clone https://github.com/hashcat/hashcat.git /opt/hashcat WORKDIR /opt/hashcat RUN make && make install
Create working directory
WORKDIR /work
Set PATH
ENV PATH="/opt/hashcat:$\\{PATH\\}"
CMD ["hashcat", "--help"] EOF
Build Docker image
docker build -f Dockerfile.hashcat -t hashcat-gpu .
Run with GPU support (NVIDIA)
docker run --gpus all -it --rm \ -v $(pwd):/work \ hashcat-gpu hashcat --benchmark
Run with specific GPU
docker run --gpus '"device=0"' -it --rm \ -v $(pwd):/work \ hashcat-gpu hashcat -I ```_
Basisnutzung
Hash Identifikation
Identifizierung von Hash-Typen und -Formaten:
```bash
List supported hash modes
hashcat --help|grep -A 500 "Hash modes"
Common hash mode numbers
0 = MD5
100 = SHA1
1000 = NTLM
1400 = SHA256
1700 = SHA512
1800 = sha512crypt
3200 = bcrypt
7500 = Kerberos 5 AS-REQ Pre-Auth
Identify hash automatically
hashcat --identify hash.txt
Example hash formats
echo "5d41402abc4b2a76b9719d911017c592" > md5_hash.txt # MD5 echo "aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d" > sha1_hash.txt # SHA1 echo "admin:1000:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::" > ntlm_hash.txt # NTLM
Verify hash format
hashcat -m 0 --identify md5_hash.txt hashcat -m 100 --identify sha1_hash.txt hashcat -m 1000 --identify ntlm_hash.txt ```_
Grundangriffe
Führen grundlegende Passwortangriffe:
```bash
Dictionary attack
hashcat -m 0 -a 0 hash.txt wordlist.txt
Dictionary attack with rules
hashcat -m 0 -a 0 hash.txt wordlist.txt -r rules/best64.rule
Brute force attack
hashcat -m 0 -a 3 hash.txt ?a?a?a?a?a?a
Mask attack (specific pattern)
hashcat -m 0 -a 3 hash.txt ?u?l?l?l?l?d?d?d
Combination attack
hashcat -m 0 -a 1 hash.txt wordlist1.txt wordlist2.txt
Hybrid attack (wordlist + mask)
hashcat -m 0 -a 6 hash.txt wordlist.txt ?d?d?d
Hybrid attack (mask + wordlist)
hashcat -m 0 -a 7 hash.txt ?d?d?d wordlist.txt
Show cracked passwords
hashcat -m 0 hash.txt --show
Resume session
hashcat --session=mysession --restore
Attack with time limit
timeout 3600 hashcat -m 0 -a 0 hash.txt wordlist.txt ```_
Leistungsoptimierung
Optimierung der Hashcat-Leistung:
```bash
Benchmark system performance
hashcat -b
Benchmark specific hash mode
hashcat -b -m 1000
Show device information
hashcat -I
Use specific GPU devices
hashcat -m 0 -a 0 hash.txt wordlist.txt -d 1,2
Optimize workload
hashcat -m 0 -a 0 hash.txt wordlist.txt -w 3
Workload profiles:
-w 1 = Low (desktop use)
-w 2 = Default
-w 3 = High (dedicated cracking)
-w 4 = Nightmare (maximum performance)
Optimize kernel loops
hashcat -m 0 -a 0 hash.txt wordlist.txt -n 1024 -u 256
Monitor temperature and performance
watch -n 1 'hashcat --status --machine-readable' ```_
Erweiterte Funktionen
Maskenangriffe
Erweiterte maskenbasierte Angriffe:
```bash
Character sets
?l = lowercase letters (a-z)
?u = uppercase letters (A-Z)
?d = digits (0-9)
?h = hex digits (0-9a-f)
?H = hex digits (0-9A-F)
?s = special characters
?a = all characters (?l?u?d?s)
?b = all bytes (0x00-0xff)
Common password patterns
8-character mixed case with numbers
hashcat -m 0 -a 3 hash.txt ?u?l?l?l?l?d?d?d
Phone number pattern
hashcat -m 0 -a 3 hash.txt ?d?d?d-?d?d?d-?d?d?d?d
Date pattern (MMDDYYYY)
hashcat -m 0 -a 3 hash.txt ?d?d?d?d?d?d?d?d
Custom character set
hashcat -m 0 -a 3 hash.txt -1 ?l?d ?1?1?1?1?1?1?1?1
Multiple custom character sets
hashcat -m 0 -a 3 hash.txt -1 ?l?u -2 ?d?s ?1?1?1?1?2?2
Increment mode
hashcat -m 0 -a 3 hash.txt --increment --increment-min=6 --increment-max=8 ?a?a?a?a?a?a?a?a
Position-specific masks
hashcat -m 0 -a 3 hash.txt ?u?l?l?l?l?l?d?d
Mask file
cat > masks.txt << 'EOF' ?u?l?l?l?l?d?d ?u?l?l?l?l?d?d?d ?u?l?l?l?l?l?d?d ?l?l?l?l?d?d?d?d EOF
hashcat -m 0 -a 3 hash.txt masks.txt ```_
Regelbasierte Angriffe
Erweiterte regelbasierte Transformationen:
```bash
Built-in rule files
ls /usr/share/hashcat/rules/
Common rule files
best64.rule - Most effective 64 rules
leetspeak.rule - Leet speak transformations
rockyou-30000.rule - Rules based on RockYou analysis
dive.rule - Comprehensive rule set
Use specific rule file
hashcat -m 0 -a 0 hash.txt wordlist.txt -r /usr/share/hashcat/rules/best64.rule
Multiple rule files
hashcat -m 0 -a 0 hash.txt wordlist.txt -r rules/best64.rule -r rules/leetspeak.rule
Create custom rules
cat > custom.rule ``<< 'EOF'
Append numbers
$0 $1 $2 $3 $4 $5 $6 $7 $8 $9
Prepend numbers
^0 ^1 ^2 ^3 ^4 ^5 ^6 ^7 ^8 ^9
Capitalize first letter
c
Toggle case
t
Duplicate word
d
Reverse word
r
Leetspeak substitutions
sa@ se3 si1 so0 ss$
Append common suffixes
$! $@ $# $ $% $1 $2 $3
Complex transformations
c $1 $2 $3 c $! $@ sa@ se3 si1 so0 $! EOF
Use custom rules
hashcat -m 0 -a 0 hash.txt wordlist.txt -r custom.rule
Generate rule statistics
hashcat -m 0 -a 0 hash.txt wordlist.txt -r rules/best64.rule --debug-mode=1 --debug-file=debug.log
Test rules without cracking
hashcat -a 0 --stdout wordlist.txt -r custom.rule|head -20 ```_
Sitzungsmanagement
Langlaufende Sitzungen verwalten:
```bash
Start named session
hashcat --session=audit2023 -m 1000 -a 0 hash.txt wordlist.txt
Check session status
hashcat --session=audit2023 --status
Restore session
hashcat --session=audit2023 --restore
Remove session
hashcat --session=audit2023 --remove
Session with checkpoint
hashcat --session=audit2023 -m 1000 -a 0 hash.txt wordlist.txt --status-timer=60
Quit session gracefully
Press 'q' during execution or send SIGTERM
Session configuration
cat >`` hashcat.conf << 'EOF'
Status timer (seconds)
status-timer = 60
Checkpoint interval (seconds)
checkpoint-disable = false
Restore timer (seconds)
restore-timer = 60
Quiet mode
quiet = false
Force mode
force = false EOF
Use configuration file
hashcat --session=audit2023 --config=hashcat.conf -m 1000 -a 0 hash.txt wordlist.txt ```_
Verteilte Cracking
Einrichten von verteilten Passwort-Cracking:
```bash
Split wordlist for distribution
split -l 1000000 rockyou.txt wordlist_part_
Distribute across multiple machines
Machine 1:
hashcat --session=node1 -m 1000 -a 0 hash.txt wordlist_part_aa
Machine 2:
hashcat --session=node2 -m 1000 -a 0 hash.txt wordlist_part_ab
Machine 3:
hashcat --session=node3 -m 1000 -a 0 hash.txt wordlist_part_ac
Keyspace distribution for mask attacks
Total keyspace calculation
hashcat -m 0 -a 3 --keyspace ?a?a?a?a?a?a
Distribute keyspace
Machine 1 (first quarter):
hashcat -m 0 -a 3 hash.txt ?a?a?a?a?a?a --skip=0 --limit=1000000
Machine 2 (second quarter):
hashcat -m 0 -a 3 hash.txt ?a?a?a?a?a?a --skip=1000000 --limit=1000000
Automated distribution script
cat > distribute_hashcat.sh ``<< 'EOF'
!/bin/bash
HOSTS=("server1" "server2" "server3" "server4") HASH_FILE="hashes.txt" WORDLIST="rockyou.txt" HASH_MODE="1000"
Calculate total lines
TOTAL_LINES=$(wc -l < $WORDLIST) LINES_PER_HOST=$((TOTAL_LINES / $\{#HOSTS[@]\}))
for i in "$\{!HOSTS[@]\}"; do HOST="$\{HOSTS[$i]\}" SKIP=$((i * LINES_PER_HOST))
echo "Starting node $((i+1)) on $HOST"
ssh $HOST "hashcat --session=node$((i+1)) -m $HASH_MODE -a 0 $HASH_FILE $WORDLIST --skip=$SKIP --limit=$LINES_PER_HOST" &
done
wait echo "All nodes completed" EOF
chmod +x distribute_hashcat.sh ./distribute_hashcat.sh ```_
Automatisierungsskripte
Umfassendes Passwort Audit Script
```python
!/usr/bin/env python3
Comprehensive password audit using Hashcat
import subprocess import os import sys import time import json import argparse from datetime import datetime import threading import queue import re
class HashcatAuditor: def init(self, hashcat_path="hashcat"): self.hashcat_path = hashcat_path self.results = \{\} self.sessions = \{\}
def verify_hashcat_installation(self):
"""Verify Hashcat installation and GPU support"""
try:
result = subprocess.run([self.hashcat_path, "--version"],
capture_output=True, text=True)
if result.returncode == 0:
print(f"Hashcat version: \\\{result.stdout.strip()\\\}")
# Check GPU devices
gpu_result = subprocess.run([self.hashcat_path, "-I"],
capture_output=True, text=True)
if gpu_result.returncode == 0:
print("GPU devices detected:")
print(gpu_result.stdout)
return True
else:
print("Warning: No GPU devices detected")
return True
else:
print("Hashcat not found or not working")
return False
except Exception as e:
print(f"Error checking Hashcat installation: \\\{e\\\}")
return False
def identify_hash_type(self, hash_file):
"""Identify hash types in file"""
try:
result = subprocess.run([self.hashcat_path, "--identify", hash_file],
capture_output=True, text=True)
if result.returncode == 0:
return self.parse_hash_identification(result.stdout)
else:
print(f"Hash identification failed: \\\{result.stderr\\\}")
return \\\{\\\}
except Exception as e:
print(f"Error identifying hashes: \\\{e\\\}")
return \\\{\\\}
def parse_hash_identification(self, output):
"""Parse hash identification output"""
hash_types = \\\{\\\}
lines = output.strip().split('\n')
for line in lines:
if 'possible' in line.lower():
# Parse hash type information
parts = line.split()
if len(parts) >``= 3:
hash_mode = parts[0]
hash_name = ' '.join(parts[1:])
hash_types[hash_mode] = hash_name
return hash_types
def benchmark_performance(self):
"""Benchmark system performance"""
try:
result = subprocess.run([self.hashcat_path, "-b"],
capture_output=True, text=True, timeout=300)
if result.returncode == 0:
return self.parse_benchmark_results(result.stdout)
else:
print(f"Benchmark failed: \\\\{result.stderr\\\\}")
return \\\\{\\\\}
except subprocess.TimeoutExpired:
print("Benchmark timed out")
return \\\\{\\\\}
except Exception as e:
print(f"Error running benchmark: \\\\{e\\\\}")
return \\\\{\\\\}
def parse_benchmark_results(self, output):
"""Parse benchmark results"""
benchmarks = \\\\{\\\\}
lines = output.strip().split('\n')
for line in lines:
if 'H/s' in line:
# Parse benchmark line
parts = line.split()
if len(parts) >= 4:
hash_mode = parts[0]
speed = parts[-2]
unit = parts[-1]
benchmarks[hash_mode] = f"\\\\{speed\\\\} \\\\{unit\\\\}"
return benchmarks
def crack_passwords(self, hash_file, attack_config):
"""Crack passwords with specified configuration"""
session_name = f"audit_\\\\{int(time.time())\\\\}"
cmd = [self.hashcat_path, "--session", session_name]
# Add hash mode
if attack_config.get('mode'):
cmd.extend(["-m", str(attack_config['mode'])])
# Add attack type
if attack_config.get('attack'):
cmd.extend(["-a", str(attack_config['attack'])])
# Add attack-specific parameters
if attack_config.get('attack') == 0: # Dictionary attack
if attack_config.get('wordlist'):
cmd.append(attack_config['wordlist'])
if attack_config.get('rules'):
cmd.extend(["-r", attack_config['rules']])
elif attack_config.get('attack') == 3: # Mask attack
if attack_config.get('mask'):
cmd.append(attack_config['mask'])
if attack_config.get('increment'):
cmd.append("--increment")
if attack_config.get('increment_min'):
cmd.extend(["--increment-min", str(attack_config['increment_min'])])
if attack_config.get('increment_max'):
cmd.extend(["--increment-max", str(attack_config['increment_max'])])
# Add performance options
if attack_config.get('workload'):
cmd.extend(["-w", str(attack_config['workload'])])
if attack_config.get('devices'):
cmd.extend(["-d", attack_config['devices']])
# Add hash file
cmd.append(hash_file)
print(f"Starting password cracking: \\\\{' '.join(cmd)\\\\}")
try:
# Start cracking process
process = subprocess.Popen(cmd, stdout=subprocess.PIPE,
stderr=subprocess.PIPE, text=True)
self.sessions[session_name] = \\\\{
'process': process,
'start_time': time.time(),
'config': attack_config,
'cmd': cmd
\\\\}
return session_name
except Exception as e:
print(f"Error starting crack: \\\\{e\\\\}")
return None
def monitor_session(self, session_name, timeout=None):
"""Monitor cracking session"""
if session_name not in self.sessions:
print(f"Session \\\\{session_name\\\\} not found")
return None
session = self.sessions[session_name]
process = session['process']
start_time = session['start_time']
try:
if timeout:
stdout, stderr = process.communicate(timeout=timeout)
else:
stdout, stderr = process.communicate()
end_time = time.time()
duration = end_time - start_time
result = \\\\{
'session': session_name,
'duration': duration,
'returncode': process.returncode,
'stdout': stdout,
'stderr': stderr,
'cmd': session['cmd']
\\\\}
return result
except subprocess.TimeoutExpired:
print(f"Session \\\\{session_name\\\\} timed out")
process.terminate()
return None
except Exception as e:
print(f"Error monitoring session: \\\\{e\\\\}")
return None
def get_cracked_passwords(self, hash_file, hash_mode=None):
"""Retrieve cracked passwords"""
cmd = [self.hashcat_path, "--show"]
if hash_mode:
cmd.extend(["-m", str(hash_mode)])
cmd.append(hash_file)
try:
result = subprocess.run(cmd, capture_output=True, text=True)
if result.returncode == 0:
lines = result.stdout.strip().split('\n')
cracked = []
for line in lines:
if ':' in line and line.strip():
parts = line.split(':')
if len(parts) >= 2:
cracked.append(\\\\{
'hash': parts[0],
'password': parts[1],
'full_line': line
\\\\})
return cracked
else:
print(f"Error getting cracked passwords: \\\\{result.stderr\\\\}")
return []
except Exception as e:
print(f"Error retrieving passwords: \\\\{e\\\\}")
return []
def analyze_password_strength(self, cracked_passwords):
"""Analyze password strength patterns"""
analysis = \\\\{
'total_cracked': len(cracked_passwords),
'length_distribution': \\\\{\\\\},
'character_analysis': \\\\{
'lowercase_only': 0,
'uppercase_only': 0,
'digits_only': 0,
'mixed_case': 0,
'with_digits': 0,
'with_symbols': 0,
'alphanumeric': 0
\\\\},
'pattern_analysis': \\\\{
'dictionary_words': 0,
'keyboard_patterns': 0,
'repeated_characters': 0,
'sequential_patterns': 0
\\\\},
'complexity_score': 0,
'weak_passwords': []
\\\\}
if not cracked_passwords:
return analysis
for entry in cracked_passwords:
password = entry['password']
length = len(password)
# Length distribution
if length not in analysis['length_distribution']:
analysis['length_distribution'][length] = 0
analysis['length_distribution'][length] += 1
# Character analysis
has_lower = bool(re.search(r'[a-z]', password))
has_upper = bool(re.search(r'[A-Z]', password))
has_digit = bool(re.search(r'[0-9]', password))
has_symbol = bool(re.search(r'[^a-zA-Z0-9]', password))
if password.islower():
analysis['character_analysis']['lowercase_only'] += 1
elif password.isupper():
analysis['character_analysis']['uppercase_only'] += 1
elif password.isdigit():
analysis['character_analysis']['digits_only'] += 1
elif has_lower and has_upper:
analysis['character_analysis']['mixed_case'] += 1
if has_digit:
analysis['character_analysis']['with_digits'] += 1
if has_symbol:
analysis['character_analysis']['with_symbols'] += 1
if password.isalnum():
analysis['character_analysis']['alphanumeric'] += 1
# Pattern analysis
| if re.search(r'(password | admin | user | test | guest | login)', password.lower()): | analysis['pattern_analysis']['dictionary_words'] += 1
| if re.search(r'(qwerty | asdf | zxcv | 1234 | abcd)', password.lower()): | analysis['pattern_analysis']['keyboard_patterns'] += 1
if re.search(r'(.)\1\\\\{2,\\\\}', password):
analysis['pattern_analysis']['repeated_characters'] += 1
| if re.search(r'(012 | 123 | 234 | 345 | 456 | 567 | 678 | 789 | abc | bcd | cde)', password.lower()): | analysis['pattern_analysis']['sequential_patterns'] += 1
# Weakness assessment
weakness_score = 0
if length < 8:
weakness_score += 3
if password.lower() in ['password', '123456', 'admin', 'user', 'guest']:
weakness_score += 5
if password.isdigit() or password.islower() or password.isupper():
weakness_score += 2
if not has_symbol:
weakness_score += 1
if weakness_score >= 3:
analysis['weak_passwords'].append(\\\\{
'password': password,
'hash': entry['hash'],
'weakness_score': weakness_score
\\\\})
# Calculate overall complexity score
total = len(cracked_passwords)
if total > 0:
complexity_factors = [
(analysis['character_analysis']['mixed_case'] / total) * 20,
(analysis['character_analysis']['with_symbols'] / total) * 30,
(sum(1 for l in analysis['length_distribution'] if l >= 12) / total) * 25,
(1 - (len(analysis['weak_passwords']) / total)) * 25
]
analysis['complexity_score'] = sum(complexity_factors)
return analysis
def generate_comprehensive_report(self, audit_results, output_file="hashcat_audit_report.html"):
"""Generate comprehensive audit report"""
html_content = f"""
Hashcat Password Security Audit Report
Generated: \\\\{datetime.now().isoformat()\\\\}
Hash File: \\\\{audit_results.get('hash_file', 'N/A')\\\\}
Executive Summary
- Total Hashes Analyzed: \\\\{audit_results.get('total_hashes', 0)\\\\}
- Passwords Cracked: \\\\{audit_results.get('total_cracked', 0)\\\\}
- Crack Rate: \\\\{(audit_results.get('total_cracked', 0) / max(audit_results.get('total_hashes', 1), 1) * 100):.2f\\\\}%
- Weak Passwords: \\\\{len(audit_results.get('weak_passwords', []))\\\\}
Password Complexity Score
Critical Findings
Weak Passwords
| Hash | Password | Weakness Score |
|---|---|---|
| \\\\{weak['hash'][:20]\\\\}... | \\\\{weak['password']\\\\} | \\\\{weak['weakness_score']\\\\} |
Performance Analysis
| Attack Method | Duration | Passwords Found | Rate |
|---|---|---|---|
| \\\\{session.get('attack_method', 'Unknown')\\\\} | \\\\{duration:.2f\\\\}s | \\\\{passwords_found\\\\} | \\\\{rate:.2f\\\\} p/s |
Recommendations
- Implement minimum password length of 14 characters
- Require complex passwords with mixed case, numbers, and symbols
- Prohibit common dictionary words and keyboard patterns
- Implement password history to prevent reuse
- Enable multi-factor authentication
- Regular password audits and user training
- Consider passphrase-based authentication
"""
with open(output_file, 'w') as f:
f.write(html_content)
print(f"Report generated: \\\\{output_file\\\\}")
return output_file
def get_score_class(self, score):
"""Get CSS class for complexity score"""
if score >= 70:
return "high"
elif score >= 40:
return "medium"
else:
return "low"
def run_comprehensive_audit(self, hash_file, wordlists, output_dir="/tmp/hashcat_audit"):
"""Run comprehensive password audit"""
print("Starting comprehensive Hashcat audit...")
# Create output directory
os.makedirs(output_dir, exist_ok=True)
audit_results = \\\\{
'start_time': time.time(),
'hash_file': hash_file,
'wordlists': wordlists,
'sessions': [],
'total_hashes': 0,
'total_cracked': 0
\\\\}
# Identify hash types
print("Identifying hash types...")
hash_types = self.identify_hash_type(hash_file)
audit_results['hash_types'] = hash_types
# Count total hashes
try:
with open(hash_file, 'r') as f:
audit_results['total_hashes'] = len(f.readlines())
except Exception as e:
print(f"Error reading hash file: \\\\{e\\\\}")
return None
# Determine best hash mode
if hash_types:
best_mode = list(hash_types.keys())[0]
print(f"Using hash mode: \\\\{best_mode\\\\} (\\\\{hash_types[best_mode]\\\\})")
else:
best_mode = "0" # Default to MD5
print("Using default hash mode: MD5")
# Run multiple attack strategies
attack_configs = [
\\\\{
'name': 'Quick Dictionary',
'mode': best_mode,
'attack': 0,
'wordlist': wordlists[0] if wordlists else '/usr/share/wordlists/rockyou.txt',
'timeout': 1800 # 30 minutes
\\\\},
\\\\{
'name': 'Dictionary with Rules',
'mode': best_mode,
'attack': 0,
'wordlist': wordlists[0] if wordlists else '/usr/share/wordlists/rockyou.txt',
'rules': '/usr/share/hashcat/rules/best64.rule',
'timeout': 3600 # 1 hour
\\\\},
\\\\{
'name': 'Mask Attack (8 chars)',
'mode': best_mode,
'attack': 3,
'mask': '?a?a?a?a?a?a?a?a',
'increment': True,
'increment_min': 6,
'increment_max': 8,
'timeout': 1800 # 30 minutes
\\\\}
]
# Execute attacks
for config in attack_configs:
print(f"Running \\\\{config['name']\\\\} attack...")
session_name = self.crack_passwords(hash_file, config)
if session_name:
result = self.monitor_session(session_name, config.get('timeout'))
if result:
result['attack_method'] = config['name']
audit_results['sessions'].append(result)
# Get final results
cracked_passwords = self.get_cracked_passwords(hash_file, best_mode)
audit_results['total_cracked'] = len(cracked_passwords)
# Analyze password strength
if cracked_passwords:
strength_analysis = self.analyze_password_strength(cracked_passwords)
audit_results.update(strength_analysis)
# Generate report
report_file = os.path.join(output_dir, "hashcat_audit_report.html")
self.generate_comprehensive_report(audit_results, report_file)
audit_results['end_time'] = time.time()
audit_results['duration'] = audit_results['end_time'] - audit_results['start_time']
print(f"Audit completed in \\\\{audit_results['duration']:.2f\\\\} seconds")
print(f"Cracked \\\\{audit_results['total_cracked']\\\\} of \\\\{audit_results['total_hashes']\\\\} passwords")
return audit_results
def main(): parser = argparse.ArgumentParser(description='Hashcat Password Audit') parser.add_argument('--hash-file', required=True, help='Hash file to crack') parser.add_argument('--wordlists', nargs='+', help='Wordlist files') parser.add_argument('--hash-mode', help='Hash mode (auto-detect if not specified)') parser.add_argument('--output', default='/tmp/hashcat_audit', help='Output directory') parser.add_argument('--hashcat-path', default='hashcat', help='Path to Hashcat executable')
args = parser.parse_args()
# Initialize auditor
auditor = HashcatAuditor(args.hashcat_path)
# Verify installation
if not auditor.verify_hashcat_installation():
print("Hashcat not properly installed or configured")
sys.exit(1)
# Run audit
results = auditor.run_comprehensive_audit(
args.hash_file,
args.wordlists or [],
args.output
)
if results:
print("Password audit completed successfully")
else:
print("Password audit failed")
sys.exit(1)
if name == "main": main() ```_
Integrationsbeispiele
CI/CD Integration
```yaml
Jenkins Pipeline for Hashcat Integration
pipeline \\{ agent \\{ label 'gpu-enabled' \\}
environment \\\\{
HASH_FILE = 'extracted_hashes.txt'
WORDLIST = '/opt/wordlists/rockyou.txt'
HASHCAT_PATH = '/usr/local/bin/hashcat'
\\\\}
stages \\\\{
stage('Extract Hashes') \\\\{
steps \\\\{
script \\\\{
// Extract hashes from application
sh '''
# Extract user password hashes
python3 extract_hashes.py --output $\\\\{HASH_FILE\\\\}
# Verify hash file
if [ ! -s $\\\\{HASH_FILE\\\\} ]; then
echo "No hashes extracted"
exit 1
fi
echo "Extracted $(wc -l < $\\\\{HASH_FILE\\\\}) hashes"
'''
\\\\}
\\\\}
\\\\}
stage('Password Audit') \\\\{
steps \\\\{
script \\\\{
// Run Hashcat audit
sh '''
python3 hashcat_audit.py \
--hash-file $\\\\{HASH_FILE\\\\} \
--wordlists $\\\\{WORDLIST\\\\} \
--output ./hashcat-results \
--hashcat-path $\\\\{HASHCAT_PATH\\\\}
'''
\\\\}
\\\\}
\\\\}
stage('Process Results') \\\\{
steps \\\\{
// Archive results
archiveArtifacts artifacts: 'hashcat-results/**/*', fingerprint: true
// Publish report
publishHTML([
allowMissing: false,
alwaysLinkToLastBuild: true,
keepAll: true,
reportDir: 'hashcat-results',
reportFiles: '*.html',
reportName: 'Hashcat Audit Report'
])
// Check for weak passwords
script \\\\{
def weakPasswords = sh(
| script: "grep -c 'weakness_score.[3-9]' hashcat-results/.html | | true", | returnStdout: true ).trim()
if (weakPasswords.toInteger() > 0) \\\\{
currentBuild.result = 'UNSTABLE'
echo "Found $\\\\{weakPasswords\\\\} weak passwords"
\\\\}
\\\\}
\\\\}
\\\\}
\\\\}
post \\\\{
always \\\\{
// Clean up sensitive data
sh 'rm -f $\\\\{HASH_FILE\\\\} hashcat-results/*.potfile'
\\\\}
failure \\\\{
// Send notification
emailext (
subject: "Password Audit Failed: $\\\\{env.JOB_NAME\\\\} - $\\\\{env.BUILD_NUMBER\\\\}",
body: "Password audit failed. Check console output for details.",
to: "$\\\\{env.SECURITY_TEAM_EMAIL\\\\}"
)
\\\\}
\\\\}
\\} ```_
Fehlerbehebung
Gemeinsame Themen
GPU Erkennungsprobleme: ```bash
Check GPU drivers
nvidia-smi # For NVIDIA clinfo # For OpenCL
Verify Hashcat GPU detection
hashcat -I
Install missing drivers
NVIDIA:
sudo apt install nvidia-driver-470 nvidia-opencl-dev
AMD:
sudo apt install mesa-opencl-icd
Test GPU functionality
hashcat -b -m 0 ```_
Leistungsfragen: ```bash
Check system resources
nvidia-smi htop free -h
Optimize workload
hashcat -w 3 # High workload hashcat -w 4 # Nightmare mode
Adjust kernel parameters
hashcat -n 1024 -u 256
Monitor temperature
watch -n 1 nvidia-smi ```_
Memory Issues: ```bash
Reduce memory usage
hashcat --segment-size=32
Use smaller wordlists
head -1000000 rockyou.txt > small_wordlist.txt
Split large hash files
split -l 1000 large_hashes.txt hash_part_ ```_
Leistungsoptimierung
Optimierung der Hashcat-Leistung:
```bash
GPU Optimization
Use all available GPUs
hashcat -d 1,2,3,4
Optimize workload for GPU
hashcat -w 4 # Maximum performance
Tune kernel parameters
hashcat -n 1024 -u 256
Memory Optimization
hashcat --segment-size=1024
CPU Optimization
Disable CPU usage for GPU-only attacks
hashcat --opencl-device-types=2
Benchmark optimization
hashcat -b -m 1000 --runtime=60 ```_
Sicherheitsüberlegungen
Operationelle Sicherheit
Datenschutz: - Verschlüsseln von Hash-Dateien und geknackten Passwort-Datenbanken - Umsetzung sicherer Datenschutzbestimmungen für Audit-Ergebnisse - Zugriff auf Passwort-Cracking-Tools und Ergebnisse steuern - Sichere Übertragung von Hash-Dateien und Audit-Berichten - Regelmäßige Reinigung von temporären Dateien und Sitzungsdaten
Rechtliche und ethische Überlegungen: - Nur Crack-Passwörter, die Sie besitzen oder haben ausdrückliche Erlaubnis zu testen - Rechtsanforderungen für Passwort-Sicherheitstests verstehen - Durchführung richtiger Datenverarbeitungsverfahren für sensible Informationen - Respektieren Sie Privatsphäre und Vertraulichkeit von Benutzerinformationen - Dokumente Passwörter Auditing Aktivitäten für Compliance Zwecke
Hardware-Sicherheit
GPU Sicherheit: - GPU Temperatur und Leistung überwachen - Implementieren Sie die richtige Kühlung für erweiterte Operationen - Regelmäßige Wartung der GPU-Hardware - Sicherer physischer Zugang zu Rißsystemen - Backup- und Recovery-Prozeduren für Hardwareausfälle
Referenzen
- Hashcat Offizielle Dokumentation
- [Hashcat GitHub Repository](https://__LINK_5___
- (__LINK_5___)
- [Password Security Guidelines](__LINK_5___
- [Hash Algorithm Referenz](LINK_5