0 
hash: 341A451DCF7E552A237D49A63BFBBDF1 salt: 1234

I have a word bank I generated using CeWL that I think I am supposed to use. But when I run

hashcat --force -a 0 -m 0 341A451DCF7E552A237D49A63BFBBDF1 custom_dict.txt

I get no hits. I have tried changing the hash mode too and nothing comes back. Am I going down the wrong rabbit hole what's the best way to do this?

Improve this question
1
  • 1
    "I have tried changing the hash mode" -- what did you try? Did you try hash types with a salt? Commented Mar 28, 2023 at 5:18

1 Answer 1

Reset to default
1

-m 0 is raw md5, so there is no salt used. Hashcat operates by hashing the words in your dictionaries using the same algorithm and comparing it to the hash. If the hash matches the hash you're trying to crack you were successful.

Since it's a salted hash, you should use 10 or 20 instead of 0, depending on the algorithm used to generate the password.

10 = md5($pass.$salt) 20 = md5($salt.$pass)

You'll also need to supply the salt along with the hash, so 341A451DCF7E552A237D49A63BFBBDF1:1234 as this allows hashcat to include the salt when generating hashes from the dictionary.

So your command should look something like this:

hashcat -a 0 -m 10 341A451DCF7E552A237D49A63BFBBDF1:1234 custom_dict.txt

You can verify that it works by performing the following steps...

  1. Generate a hash:
echo -n "1234password" | md5sum - d5b1ee4b463dc7db3b0eaaa0ea2cb5b4 -
  1. Crack the hash
hashcat --force -a 0 -m 20 d5b1ee4b463dc7db3b0eaaa0ea2cb5b4:1234 rockyou.txt ....
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.