# Crack The Hash I'm new to cracking hashes and looking at the passwords combinations list on [Hashcat.net](https://hashcat.net/wiki/doku.php?id=example_hashes) scares me, however its a nice little room to break you in gently. ![](/files/-MPaa6tJyzvm9q9ncnXN) **Introduction**\ \ This room starts with some nice little hashes which can be found online at [Crackstation](https://crackstation.net/) but I opted to use hashid in Kali. If you want to use it also simply open up a terminal and type \ \ **hashid \** \ \ I'm not saying this is 100% however it got me through the first batch and even some on Task 2. ![hashid](/files/-MPaad7I901_vkvjFiCh) **Task 1** \ \ \&#xNAN;*1.1*\ **48bb6e862e54f2a795ffc4e541caed4d**\ easy\ \ MD5 > hashcat -m 0 hash.txt rockyou.txt \ \ \&#xNAN;*1.2*\ **CBFDAC6008F9CAB4083784CBD1874F76618D2A97**\ password123\ \ SHA1 > hashcat -m 100 hash.txt rockyou.txt\ \ \&#xNAN;*1.3*\ **1C8BFE8F801D79745C4631D09FFF36C82AA37FC4CCE4FC946683D7B336B63032**\ letmein\ \ SHA2-256 > hashcat -m 1400 hash.txt rockyou.txt\ \ \&#xNAN;*1.4*\ \&#xNAN;**$2y$12$Dwt1BZj6pcyc3Dy1FWZ5ieeUznr71EeNkJkUlypTsgbX1H68wsRom**\ bleh\ \ Bcrypt, blowfish (unix) > hashcat -m 3200 hash.txt rockyou.txt \ \ \&#xNAN;*1.5*\ **279412f945939ba78ce0758d3fd83daa**\ Eternity22\ \ hashid 279412f945939ba78ce0758d3fd83daa > MD4 -m 900\ \ Didn't find anything, So I made use of the Best64.rule in the event of any changes in the password and so there was, this is available on hashcat and does the following ![Best64.rule ](/files/-MPajAh1TrKANaAuURHl) There are more available just visit [Best64 Rule Details](https://www.question-defense.com/2012/04/21/hashcat-best64-rule-details-updated-after-the-best64-challenge) to get more info. This rule can also be found in your Kali under usr>share>hashcat>rules \ \ Command > hashcat -m 900 hash.txt rockyou.txt -r Best64.rule \ \ This password was cracked in about 3 seconds. ![](/files/-MPabdW0UFwQ94YkKtVW) **Task 2** \ \ \&#xNAN;*2.1*\ **Hash: F09EDCB1FCEFC6DFB23DC3505A882655FF77375ED8AA2D1C13F640FCCC2D0C85**\ paule\ \ SHA2-256 > hashcat -m 1400 hash.txt rockyou.txt\ \ \&#xNAN;*2.2*\ **Hash: 1DFECA0C002AE40B8619ECF94819CC1B**\ n63umy8lkf4i\ \ NTLM > hashcat -m 1000 hash.txt rockyou.txt \ \ \&#xNAN;*(Mixed alpha:numeric took 14 seconds)*\ \ \&#xNAN;*2.3*\ **Hash: $6$aReallyHardSalt$6WKUTqzq.UQQmrm0p/T7MPpMbGNnzXPMAXi4bJMl9be.cfi3/qxIf.hsGpS41BqMhSrHVXgMpdjS6xeKZAs02.** Salt: aReallyHardSalt Rounds: 5\ waka99\ \ Thankfully using the [Hash Type Identifie](https://hashes.com/en/tools/hash_identifier)r made this task easier and helped identify this hash as SHA512crypt so cross referencing this with Hashcat.net helped me get the code **-m 1800** to crack this but it took a while. \
![Hash Identifier ](/files/-MPadyaG5wVx8Q8yCBfL) *2.4*\ **Hash: e5d8870e5bdd26602cab8dbe07a942c8669e56d6**\ Salt: tryhackme\ 481616481616\ \ This was similar to above however I couldn't just use SHA i had to check the hint which annoyed me because i had gone down the list on HashCat and stopped at 140, I was 2 away from getting it on my own. \ \ Just so you know, create a txt file save to desktop and add the **hash:salt** and save the file then crack it in ***hashcat -m 1600 hash.txt rockyou.txt*** ![](/files/-MPacoskXTO1VIXSfQeF) ![](/files/-MPaf3rBAzB4WCV_yUNf) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://lightorithm.gitbook.io/searchlight/crack-the-hash.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.