Search:

Password Analysis To Hashcat (PATH) Script

Sunday, June 03, 2012

f8lerror

71d85bb5d111973cb65dfee3d2a7e6c9

What is PATH? It is a script that integrates password analysis and Hashcat.

First and foremost let me say, I do not code on a regular basis. I created this script out of necessity and part laziness. DigiNinja's Password analysis tool Pipal is what got me thinking about creating this.

I found myself analyzing list with Pipal and taking the Hashcat masks from the output one by one back into Hashcat. From time to time my box would sit idle because I didn't know the exact moment the bruteforce had completed and sometimes it sat idle for hours.

I grew tired of waiting and restarting Hashcat so I automated it and PATH was born. PATH is written in Python and is simple to use with a few command line options.

PATH can take a list of passwords then generate Hashcat masks and display them. However, the fun part comes in when you apply the cracking option. This takes your list, analyzes it, generates the masks and starts the brute-force attack, with each mask sequentially.

You can also start with just a list of hashes and a large dictionary and the cracking option. PATH can take this list start a dictionary attack, analyze the output, generate the masks and start the brute-force attack. You can even specify rules, if you do it will run the plain dictionary first then run it again with the rule applied.

Here is the help file:

Password Analysis To Hashcat (PATH): Generate Hashcat Masks From A Wordlist

Start a BruteForce Attack With The Results

optional arguments:

-h, --help show this help message and exit

-i INPUT, --input: Input File Name for Mask Analysis

-t TOP, --top:How Many Values Outputted Default 10

-o OUTPUT, --output: Output File Name

-c, --crackmode: Enables Brute ForceCrack Mode

-s SDICT, --sdict: Initial Dictionary

-p PHASH, --phash: Password Hash Type

-l HASHLIST, --hashlist: List of Hashes

-r RULES, --rules: Apply Rules to Inital Dictionary

-u, --usage How to Use This Tool

Example usage:

python PATH.py -s bigdict.txt -l hashes.txt -p 0 -o output.txt -c

python PATH.py -i plain.txt -c

(click image to enlarge)

This script requires a minimum of Python 2.7 and HashcatPlus. As long as the switches in Hashcat stay the same it should continue to work fine as versions progress. *This was tested only with MD5, LM and NTLM hashes. You must define the location of HashcatPlus in the script prior to running it.

You can copy and past the code from my site http://tickorone.wordpress.com/2012/06/02/password-analysis-to-hashcat-path-script/ or the infosecisland admins can paste it in here.

Cross-posted from TickOrOne

Share This! |
4217
Network Access Control
Post Rating I Like this!
Comments:
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked


Latest Member Comments

"I thought this article discuss a very important issue of security.If we have well developed technology in one particular field then we ..."

Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013

"ATM machine are for our convenience but if we are not careful they can compromise our safety. Discount theater tickets "

ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013

"A expressive case study is used to explore causation in order to find underlying principles. Case studies may be prospective in which c..."

New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013

"In the social sciences and life sciences a case study or case report is a descriptive or descriptive analysis of a someone, group or ev..."

Case Study: A Cloud Security Assessment... Caitlin Rachel on 05-21-2013
Latest Posts