Hashcat is a powerful password cracking tool that is able to crack passwords at speed through the use of GPU cracking. GPU cracking uses the Graphics Processing Unit of a computer to perform the same process as normal password cracking (taking a word, hashing it and comparing the value to a hashed password) but is several orders of magnitude faster. This is why it is used by security researchers, consultants, and attackers.
To use hashcat, you must specify the hashing algorithm in use. This is done with the -m flag, which always takes a numerical value associated with a hashing algorithm. A typical hashcat command may look like the following:
hashcat -m <hashing algorithm id> <hashes> <wordlist>
It is also possible to use the --username flag, which tells hashcat that the hash file contains usernames, so that you can identify which cracked hash belonged to which user account.
As with other tools, hashcat will produce a potfile with all historically cracked passwords in it.
Common hashing algorithms and their corresponding -m flag value are shown below:
1800 – SHA-512
1000 – NTLM
3000 – LM
500 – MD5
8900 – scrypt
7401 – SHA256crypt
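For a password audit, the potfile and the username-tagged hash list described above can be joined to show which accounts need a reset and which accounts share a password. The following is an added example, not code from hashcat or from this page: it assumes unsalted NTLM hashes (mode 1000), hash-list lines in user:hash form, potfile lines in hash:plaintext form, and hashcat's $HEX[...] wrapping for plaintexts that contain a colon or non-printable bytes. All sample values are constructed, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample data (not real hashes): user:hash list and hash:plain potfile.
HASHES = """\
alice:11111111111111111111111111111111
bob:22222222222222222222222222222222
carol:11111111111111111111111111111111
dave:33333333333333333333333333333333
"""
POTFILE = """\
11111111111111111111111111111111:Summer2024
33333333333333333333333333333333:$HEX[70613a7373]
"""
HEX_PLAIN = re.compile(r"^\$HEX\[((?:[0-9a-fA-F]{2})*)\]$")

def decode_plain(plain):
    """Undo the $HEX[...] wrapping used for plaintexts with ':' or odd bytes."""
    m = HEX_PLAIN.match(plain)
    return bytes.fromhex(m.group(1)).decode("utf-8", "replace") if m else plain

def load_potfile(text):
    """Map hash -> plaintext. Splitting on the first colon is only safe for
    unsalted formats such as NTLM, whose hash field contains no colon."""
    cracked = {}
    for line in text.splitlines():
        h, sep, plain = line.partition(":")
        if sep:
            cracked[h.lower()] = decode_plain(plain)
    return cracked

def audit(hash_text, pot_text):
    """Return (user -> recovered password, hash -> users sharing that hash)."""
    cracked = load_potfile(pot_text)
    by_hash = defaultdict(list)
    for line in hash_text.splitlines():
        user, sep, h = line.partition(":")
        if sep:
            by_hash[h.strip().lower()].append(user)
    exposed = {u: cracked[h] for h, us in by_hash.items() if h in cracked for u in us}
    shared = {h: us for h, us in by_hash.items() if len(us) > 1}
    return exposed, shared

if __name__ == "__main__":
    exposed, shared = audit(HASHES, POTFILE)
    for user in sorted(exposed):  # report account names only, never plaintexts
        print(f"{user}: password recovered, force a reset")
    for users in shared.values():
        print("same hash, so same password:", ", ".join(users))
```

Because NTLM is unsalted, two accounts with the same hash have the same password, which is why the shared-hash report is meaningful even for hashes that were never cracked.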