Home SecurityNetwork Security Hashcat explained: Why you might need this password cracker

Hashcat explained: Why you might need this password cracker

by ethhack

What is Hashcat?

Hashcat is a popular and effective password cracker widely used by both penetration testers and sysadmins as well as criminals and spies.

Cracking passwords is different from guessing a web login password, which typically only allows a small number of guesses before locking your account. Instead, someone who has gained access to a system with encrypted passwords (“hashes”) will often try to crack those hashes to recover those passwords.

Passwords are no longer stored in plaintext (or shouldn’t be, anyway). Instead, passwords are encrypted using a one-way function called a hash. Calculating a password like “Password1” into a hash is lightning quick. What if all you’ve got is the hash? A brute-force attack to reverse the hash function and recover the password could be computationally infeasible. Like, until the heat death of the universe infeasible.

Luckily, or unluckily depending on your point of view, none of us is likely to live that long, but there are many ways to reverse a hash to recover the original password without resorting to a probably fruitless brute-force attack.

Enter hashcat.

It turns out humans are so predictable in their password choices that hashcat can often recover a password.

Copyright © 2020 IDG Communications, Inc.

Source link

Related Articles

Leave a Comment