The number of options may seem intimidat

Posted: May 4, 2012 in Uncategorized

The number of options may seem intimidating at first, but once you get used to them, they are easy to
remember. Most are self-explanatory so take the time to read each one.
I’m going to skip the first 3 options since they explain themselves fairly well. However the remainder I will
explain in further detail.
–remove : Adding this will delete the hash from your list when it is cracked. It requires no further input.
This will prevent you from having to attack the same hash twice, since it will be removed when cracked.
Default: not used
–quiet : Supresses all output except for errors, and recovered hashes. Default: not used
–stdout : Rather than try to recover passwords, hashcat simply outputs to the terminal window.
–disable-potfile : Prevents Hashcat from writing recovered hashes to hashcat.pot. Default: not used
–rules-file=FILE or –r : Adding this will allow hashcat to use the rule file specified. Hashcat will then run
the specified rules against the current attempt. Default: not used
–rules-file=rules/best64.rule or -r rules/best64.rule
–output-file=FILE or –o : Specifies where cracked hashes should be written to. This should be used if you
plan to keep the hashes, or do not want to copy/paste them from a terminal or command prompt. Work
smarter not harder. Default: not used
–output-file=cracked.out or –o cracked.out
–output-format=NUM : NUM can be 0, 1, or 2. Generally not needed, but if a plain text contains hex
characters this will need to be specified to prevent bad plain texts. Default: Mode 0
–salt-file=FILE or –e : Specifies a list of pre-generated salts to be used in a session. This is used when a
salted hash is missing the salt. Default: not used
–debug-file=FILE : Specify the file that debug information should be written to. Default: not used
–debug-mode=NUM : Writes either the finding rule, original word, or the mutated word that was successful
against the provided hash(s) to –debug-file=. Default: not used
–seperator-char=CHAR or –p : Used to specify a separator in a hash list. IE hash:username:guid –p : would
tell hashcat how to read where a field ends. Default: ‘:’
-p :
–threads or –n : For use on multi-threaded processors. Almost all processors contain multiple cores, set this
accordingly. If you have a quad core processor, set –n 4, or –n 6 for hexacore. If you run a multi-processor
system, set –n to the number of cores * number of physical processors. IE dual hexacore would be 6 (cores) *
2 (processors) = 12 (total threads). Default: 8
–n 12
–segment-size=NUM or –c : Specifies the amount of memory in MB that should be allowed for caching of
wordlists. If you are working with a limited amount of memory, this could be set so as not to interfere with
other services. The following switch would allow 10MB of words from your list to be cached. Default: 32
–c 10
–words-skip=NUM or –s : Skips the provided number of words when resuming a stopped session. This
prevents running words against your hash list again which would increase the amount of time that an instance
would take. The following switch would skip the first 100000 words. Default: not used
–s 100000
–words-limit=NUM or –l : Specifies the number of words that should be processed. This is useful when
recovering the same list of hashes across multiple computers so the same computer never runs words that are
being processed by another. The following switch would only use the first 20000 words. Default: not used
–l 20000
–generate-rules=NUM or –g : Tells hashcat to generate NUM rules to be applied to each attempt. The
following switch would have hashcat to randomly generate 512 rules on the fly to be used for that session.
This can eliminate the need for large rule files, though targeted rule files can increase your chance of
recovering a plain text password. Default: not used
–g 512
–generate-rules-func-min/max=NUM : Specifies the number of functions that should be used. This number
can be…


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s