1
00:00:00,590 --> 00:00:06,490
All right, now that we have everything ready, I have hashcat already extracted in here.

2
00:00:06,600 --> 00:00:13,300
I have my handshake and my wordlist so I'm ready to use hashcat to crack the password.

3
00:00:13,740 --> 00:00:16,350
So first of all we have to open the command prompt.

4
00:00:16,410 --> 00:00:18,590
So I'm going to go to the Start Menu.

5
00:00:18,960 --> 00:00:21,850
I'm going to type cmd to access my command prompt.

6
00:00:23,430 --> 00:00:27,720
Now I'm going to navigate to the location where I extracted hashcat.

7
00:00:27,960 --> 00:00:29,750
So it was in C.

8
00:00:29,970 --> 00:00:31,590
So what I'm going to do is I'm going to do

9
00:00:31,590 --> 00:00:37,010
cd forward slash to go all the way back to the root of the C directory.

10
00:00:37,860 --> 00:00:41,480
Then I'm going to do dir to list all available directories.

11
00:00:41,490 --> 00:00:44,290
This is the equivalent to ls in Linux.

12
00:00:45,960 --> 00:00:49,410
And as you can see now I have a directory called hashcat.

13
00:00:49,830 --> 00:00:55,950
So I want to navigate into that and to do that we're going to do cd hashcat and I'm going to press

14
00:00:55,960 --> 00:01:03,890
tab to autocomplete and then I'm going to do dir again to list all the files in this current directory.

15
00:01:04,020 --> 00:01:07,140
And as you can see I have hashcat binaries in here.

16
00:01:07,140 --> 00:01:11,610
I have a 32 bit and 64 bit binary.

17
00:01:11,610 --> 00:01:18,850
So you need to run the one that's compatible with your processor and you can see I also have my handshake

18
00:01:18,930 --> 00:01:23,870
that I copied earlier and I have my word list right there.

19
00:01:25,120 --> 00:01:26,390
Now to run hashcat.

20
00:01:26,480 --> 00:01:35,350
We're going to do hashcat64.exe and I'm going to do dash dash help to see all the options and arguments

21
00:01:35,350 --> 00:01:43,580
that I can use with the tool and as you can see we get a big list that shows us all the options and how

22
00:01:43,580 --> 00:01:47,410
to exactly use the tool.

23
00:01:47,420 --> 00:01:50,990
So at the top here you can see the usage of the tool.

24
00:01:50,990 --> 00:01:54,780
So this is the default syntax that you should use the tool with.

25
00:01:55,160 --> 00:01:59,970
And this is exactly the same whether you use the tool from Linux or from Windows.

26
00:02:00,080 --> 00:02:02,100
So I'm showing you how to use it from Windows.

27
00:02:02,180 --> 00:02:08,600
But if you manage to install your graphics card drivers on your Linux then you can use it the same way

28
00:02:08,600 --> 00:02:10,470
that I'm showing you here.

29
00:02:10,490 --> 00:02:16,460
So basically you need to give the tool name at the start which is hashcat and then we're going to set

30
00:02:16,460 --> 00:02:21,860
the options and you can see we have a big list of options here at the bottom.

31
00:02:22,470 --> 00:02:27,570
Then you are going to give the file that contains the data that you want to crack.

32
00:02:27,630 --> 00:02:35,070
And in our case the hccapx file followed by the dictionary to run the attack.

33
00:02:35,160 --> 00:02:38,990
And in our case it's going to be called rockyou.

34
00:02:39,180 --> 00:02:43,440
So I'm going to type in hashcat. Now because I'm on Windows

35
00:02:43,440 --> 00:02:46,250
I'm going to have to type hashcat64.exe.

36
00:02:46,410 --> 00:02:52,050
But if you're on Linux you're just going to do hashcat. Then we're going to have to set the options.

37
00:02:52,050 --> 00:02:57,280
And as you can see we have a huge list of options that we can set. For each option

38
00:02:57,300 --> 00:03:01,670
we can see the option name, we can see the type.

39
00:03:01,680 --> 00:03:07,480
So this is the value that this option can take. It can be a number, it could be a file, could be a character.

40
00:03:07,850 --> 00:03:09,340
We can see the description.

41
00:03:09,350 --> 00:03:16,070
So this tells us what we can set with this option and then we have an example at the end showing us

42
00:03:16,070 --> 00:03:21,240
an example of setting this option to a certain value.

43
00:03:21,240 --> 00:03:26,920
Now the first option or argument that I want to use is the minus capital I.

44
00:03:27,540 --> 00:03:33,450
And in the description you can see that this argument will show us information about the devices in

45
00:03:33,450 --> 00:03:37,530
this computer that can be used for cracking.

46
00:03:37,540 --> 00:03:46,200
So if we just do minus I you can see that we have two devices that we can use for cracking.

47
00:03:46,250 --> 00:03:54,140
We have my device number one which is the GPU and it has an ID of one and you can see all the information

48
00:03:54,380 --> 00:04:04,330
about this device in here including its memory. Then we can see we have another device and that is the

49
00:04:04,600 --> 00:04:05,700
CPU.

50
00:04:05,840 --> 00:04:10,270
And again you can see all the information related to this device.

51
00:04:12,440 --> 00:04:17,370
Now the next option that I want to use is the minus m.

52
00:04:17,590 --> 00:04:19,970
Now this specifies the hash type.

53
00:04:19,990 --> 00:04:26,140
So the type of hash that you want to crack. Now the hash type is a number.

54
00:04:26,160 --> 00:04:32,580
So we have to give a number that corresponds to the hash that we want to crack and if we scroll down

55
00:04:34,620 --> 00:04:41,550
you'll see that we have a table called hash modes and it contains all the hashes that we can crack and

56
00:04:41,560 --> 00:04:44,160
their corresponding number.

57
00:04:44,160 --> 00:04:54,640
So my target is a WPA hash or WPA2 and you can see that the number corresponding to this is 2500 so

58
00:04:54,850 --> 00:05:01,990
to set this option we're going to do minus m and we're going to put 2500 to tell hashcat that I want

59
00:05:01,990 --> 00:05:07,430
to crack a WPA or WPA2 hash.

60
00:05:07,580 --> 00:05:11,590
Now the next option that I want to set is the minus d

61
00:05:12,510 --> 00:05:16,610
to tell hashcat which device I want to use for cracking.

62
00:05:16,910 --> 00:05:23,500
So when we did minus I we had two devices. We had number one which was my GPU and we had number

63
00:05:23,510 --> 00:05:26,750
two which was my CPU.

64
00:05:26,870 --> 00:05:35,020
So I want to use the GPU for cracking and therefore I'm going to do minus d one.

65
00:05:35,200 --> 00:05:41,800
Now let's go up and have another look on the usage of the tool to make sure that we're using it properly.

66
00:05:41,800 --> 00:05:43,200
So we've already said hashcat.

67
00:05:43,220 --> 00:05:49,870
We've already set the options and the next thing that we need to do is to give the hccapx file followed

68
00:05:49,870 --> 00:05:52,200
by the wordlist file.

69
00:05:52,330 --> 00:06:00,530
So we've already converted our handshake to the hccapx extension and we placed it with the wordlist

70
00:06:00,550 --> 00:06:03,250
both in the same directory as hashcat.

71
00:06:03,250 --> 00:06:08,090
So that's our current working directory as you can see here.

72
00:06:08,090 --> 00:06:11,400
I have my wordlist.

73
00:06:11,570 --> 00:06:15,160
I have my hccapx file right here.

74
00:06:18,800 --> 00:06:30,080
So my handshake is called handshake.hccapx and my word list is called rockyou.txt.

75
00:06:30,160 --> 00:06:32,080
So now our command is done.

76
00:06:32,230 --> 00:06:39,370
And let me go over just one more time so that it's clear to you. First of all we put the tool name which

77
00:06:39,370 --> 00:06:40,320
is hashcat.

78
00:06:40,390 --> 00:06:43,870
And we put 64 because I have a 64 bit processor.

79
00:06:44,050 --> 00:06:53,800
So we're doing hashcat64.exe, then we're doing dash m to specify the hash type and I'm putting 2500 because

80
00:06:54,100 --> 00:06:56,250
we went to the hash modes table.

81
00:06:56,350 --> 00:07:02,630
And we've seen that 2500 is the number for WPA and WPA2 hashes.

82
00:07:02,810 --> 00:07:10,460
Then I did dash d and I put number one to tell hashcat that I want to use device number one for cracking.

83
00:07:10,460 --> 00:07:17,190
That's my GPU and I was able to see all my devices by doing hashcat dash I.

84
00:07:17,420 --> 00:07:23,240
So we did that at the start and we've seen the list and then we've seen that device number one corresponds

85
00:07:23,240 --> 00:07:30,940
to my GPU. Then according to the usage of the tool we see that we have to specify the handshake file

86
00:07:30,940 --> 00:07:37,990
after that and I've already converted my handshake file to an hccapx extension and it's already

87
00:07:37,990 --> 00:07:39,340
in the same working directory.

88
00:07:39,340 --> 00:07:45,040
That's why I don't need to give a full path and it's called handshake.hccapx.

89
00:07:45,130 --> 00:07:51,760
And finally we have to give the wordlist and again the wordlist is in the same working directory

90
00:07:51,760 --> 00:07:57,220
so we don't have to give a full path and we just had to say rockyou.txt which is the name of my

91
00:07:57,230 --> 00:07:59,380
wordlist.

92
00:07:59,440 --> 00:08:07,090
Now I'm going to hit enter and hashcat is going to start the cracking process using my GPU instead

93
00:08:07,090 --> 00:08:08,110
of the CPU.

94
00:08:11,480 --> 00:08:16,400
Now as you can see we can actually pause and resume using the P and R if we want.

95
00:08:16,640 --> 00:08:22,520
And this way we'll be able to save our progress so that we can stop and come back to the cracking whenever

96
00:08:22,520 --> 00:08:23,030
we want.

97
00:08:25,960 --> 00:08:26,470
OK.

98
00:08:26,480 --> 00:08:34,370
Now as you can see hashcat is done and it's managed to get the password for me and this is the network

99
00:08:34,370 --> 00:08:36,230
name so that's the name of my network.

100
00:08:36,380 --> 00:08:43,650
And you can see that it managed to get me the password which is one two three four a b c d.

101
00:08:43,830 --> 00:08:49,610
It took it one minute and seven seconds to get to this password and I've actually moved the password

102
00:08:49,610 --> 00:08:57,260
manually to the end of the wordlist to make sure that we go through the whole wordlist and the structure.

103
00:08:57,260 --> 00:09:01,460
Now let me show you how big the wordlist is. It's actually not a small wordlist.

104
00:09:01,480 --> 00:09:04,090
It's not a huge wordlist but it's big enough.

105
00:09:04,090 --> 00:09:06,280
So one minute and seven seconds.

106
00:09:06,290 --> 00:09:09,960
It's a really really good time to go through this wordlist.

107
00:09:10,040 --> 00:09:16,450
So I'm just going to open it right here and I'm going to scroll all the way down.

108
00:09:18,950 --> 00:09:26,630
And as you can see we managed to go through about 14 million passwords within one minute seven seconds.

109
00:09:26,630 --> 00:09:31,640
Now my password is actually at the bottom but it's not the very last password so it's around 14

110
00:09:31,640 --> 00:09:32,330
million.

111
00:09:32,480 --> 00:09:38,380
But this is a very impressive time compared to the time that you get with CPU.

112
00:09:38,630 --> 00:09:42,820
Again 14 million passwords within one minute seven seconds.

113
00:09:43,920 --> 00:09:46,920
Now I'm not using the best GPU in the market.

114
00:09:46,920 --> 00:09:51,470
So if you have a better GPU then you'll be even faster than this.

115
00:09:51,540 --> 00:09:55,840
But even with that it's a very very good time.

116
00:09:55,920 --> 00:10:02,820
So as you can see using the GPU will make the cracking process much much faster than what it would be

117
00:10:02,880 --> 00:10:07,300
if we're using a CPU even if your CPU is very fast.

118
00:10:07,320 --> 00:10:15,140
Now just as an idea or for something for you to try as practice you can actually pipe crunch to hashcat

119
00:10:15,540 --> 00:10:19,240
exactly the same way that I showed you how to do it with aircrack.

120
00:10:19,530 --> 00:10:24,990
So you can practice that yourself and hashcat already supports pause and resume.

121
00:10:25,140 --> 00:10:30,060
So you'll be able to use huge or at least you'll be able to save your progress.

122
00:10:30,120 --> 00:10:32,890
And you'll also be using your GPU for the cracking.

123
00:10:32,910 --> 00:10:38,250
So you'll be able to go through the wordlist much faster than what you would if you're using aircrack-

124
00:10:38,280 --> 00:10:38,670
ng.