Skip to content

Common hashcat commands #

Rulesets #

My Practice Ruleset #

  • ROCKYOU.txt!!!!!
  • Try create a custom password list containing all the passwords either
  • Leaked from that country (public and private sector breaches)
  • What you have encountered yourself in that country. (Remove PII or personally identifying ones)
  • -m 1000 : NTLM - From sam dump, secretsdump, ntdsutil dump
  • -m 5600 : NetNTLMv2 (i.e. Captured hash from Responder)
  • -m 13000 : Kerberoast output

Practical Brute-Force #

1
2
3
4
5
.\hashcat.exe -a 3 -m 1000 --session=company-bruteforce --force -O .\dumped_hashes.txt ?u?l?l?l?d?d?d?d
.\hashcat.exe -a 3 -m 1000 --session=company-bruteforce --force -O .\dumped_hashes.txt ?u?l?l?l?d?d?d?d?s
.\hashcat.exe -a 3 -m 1000 --session=company-bruteforce --force -O .\dumped_hashes.txt ?u?l?l?l?s?d?d?d?d
.\hashcat.exe -a 3 -m 1000 --session=company-bruteforce --force -O .\dumped_hashes.txt ?u?l?l?s?d?d?d?d
.\hashcat.exe -a 3 -m 1000 --session=company-bruteforce --force -O .\dumped_hashes.txt ?u?l?l?d?d?d?d?s

Last update: October 10, 2021