{"id":151,"date":"2020-04-18T01:00:04","date_gmt":"2020-04-17T23:00:04","guid":{"rendered":"http:\/\/linuxboxen2.dk\/?p=151"},"modified":"2020-04-18T01:00:04","modified_gmt":"2020-04-17T23:00:04","slug":"hashcat","status":"publish","type":"post","link":"https:\/\/www.linuxboxen.dk\/?p=151","title":{"rendered":"hashcat"},"content":{"rendered":"\n<p>F\u00f8rste parameter er <strong>-m<\/strong> den beskriver hvilken hash mode\/type som skal bruges. Der er over 200 og flere kommer til. Hvilken type du skal bruge bestemmes af hvilken type password du skal finde. S\u00e5 derfor er det vigtigt at finde typen af hash som bliver brugt inden du g\u00e5r i gang. <span class=\"tlid-translation translation\">Nogle hash har signaturer, der giver en st\u00e6rk indikation af hvilken algoritme type som bliver brugt, s\u00e5som &#8220;$1$&#8221; til md5crypt. Normalt kan du stole p\u00e5 disse oplysninger; Denne identifikationsmetode er dog ikke sikker.\u00a0 <\/span><\/p>\n<p><span class=\"tlid-translation translation\">For hash der ikke har nogen signatur, er det n\u00e6sten umuligt at skelne hvilken algoritme der blev brugt. En streng p\u00e5 32 hex tegn kan v\u00e6re LM, NTLM, MD4, MD5, dobbelt MD5, triple md5, md5 (sha512 (pass)) osv. Der er bogstaveligt talt et uendeligt antal muligheder for hvad algoritmen kan v\u00e6re! s\u00e5 v\u00e6r p\u00e5 vagt.<\/span><\/p>\n<p><span class=\"tlid-translation translation\">En meget bedre m\u00e5de at identificere hash-algoritmen p\u00e5 ville v\u00e6re at finde oprindelsen af hash type. Er det et operativsystem, applikation, webapplikation osv.) Og lave et godt g\u00e6t p\u00e5, hvad hashalgoritmen kan v\u00e6re. <\/span><\/p>\n<p><span class=\"tlid-translation translation\">Her er en liste over de mest brugte typer.<\/span><\/p>\n<h2 id=\"generic_hash_types\" class=\"sectionedit2\"><span class=\"tlid-translation translation\"><span title=\"\">Generiske hash typer<\/span><\/span><\/h2>\n<pre><span class=\"tlid-translation translation\"><span title=\"\"> Mode   Navn                             Eksempler\n<\/span><\/span>    0 - MD5\n   10 - md5($pass.$salt)               - 01dfae6e5d4d90d9892622325959afbe:7050461\n   20 - md5($salt.$pass)               - f0fda58630310a6dd91a7d8f0a4ceda2:4225637426\n   30 - md5(utf16le($pass).$salt)      - b31d032cfdcf47a399990a71e43c5d2a:144816\n  300 - MySQL4.1\/MySQL5                - fcf7c1b8749cf99d88e5f34271d636178fb5d130\n  500 - md5crypt- Cisco-IOS $1$        - $1$28772684$iEwNOgGugqO9.bIz5sk8k\/\n 1300 - SHA-224                        - e4fa1555ad877bf0ec455483371867200eee89550a93eff2f95a6198\n 1400 - SHA-256 - SHA-256              - 127e6fbfe24a750e72930c220a8e138275656b8e5d8f48a98c3c92df2caba935\n 1700 - SHA-512 - sha512($pass.$salt)  - 82a9dda829eb7f8ffe9fbe49e45d47d2dad9664fbb7adf72492e3c81ebd3e29134d9bc12212bf83c6840f10e8246b9db54a4859b7ccd0123d86e5872c1e5082f\n 1710 - SHA-512 - sha512($pass.$salt)  - e5c3ede3e49fb86592fb03f471c35ba13e8d89b8ab65142c9a8fdafb635fa2223c24e5558fd9313e8995019dcbec1fb584146b7bb12685c7765fc8c0d51379fd:6352283260\n 1720 - SHA-512 - sha512($salt,$pass)  - 976b451818634a1e2acba682da3fd6efa72adf8a7a08d7939550c244b237c72c7d42367544e826c0c83fe5c02f97c0373b6b1386cc794bf0d21d2df01bb9c08a:2613516180127\n 1800 - SHA-512 - sha512crypt (unix)   - <span style=\"color: #000000; font-family: 'Lucida Grande', Verdana, Lucida, Helvetica, Arial, sans-serif; font-size: 12.8px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: justify; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: #ffffff; text-decoration-style: initial; text-decoration-color: initial; display: inline !important; float: none;\">$6$52450745$k5ka2p8bFuSmoVT1tzOyyuaREkkKBcCNqoDKzYiJL9RaE8yMnPgh2XzzF0NDrUhgrcLwg78xs1w5pJiypEdFX\/<\/span>\n 2400 - Cisco-PIX MD5                  - dRRVnUmUHXOTt9nk\n 2410 - Cisco-ASA MD5                  - 02dMBMYkTdC5Ziyp:36\n 2500 - WPA\/WPA2                       - <a href=\"https:\/\/hashcat.net\/misc\/example_hashes\/hashcat.hccapx\">https:\/\/hashcat.net\/misc\/example_hashes\/hashcat.hccapx<\/a>\n 2501 - WPA\/WPA2 PMK                   - <a href=\"https:\/\/hashcat.net\/misc\/example_hashes\/hashcat-pmk.hccapx\">https:\/\/hashcat.net\/misc\/example_hashes\/hashcat-pmk.hccapx<\/a>\n 5700 - Cisco-IOS type 4               - 2btjjy78REtmYkkW0csHUbJZOstRXoWdX1mGrmmfeHI\n 5800 - Samsung Android Password\/PIN   - 0223b799d526b596fe4ba5628b9e65068227e68e:f6d45822728ddb2c\n 6800 - LastPass                       - a2d1f7b7a1862d0d4a52644e72d59df5:500:lp@trash-mail.com\n 7100 - OSX v10.8+                     - $ml$35460$93a94bd24b5de64d79a5e49fa372827e739f4d7b6975c752c9a0ff1e5cf72e05$752351df64dd2ce9dc9c64a72ad91de6581a15c19176266b44d98919dfa81f0f96cbcb20a1ffb400718c20382030f637892f776627d34e021bad4f81b7de8222\n11100 - PostgreSQL CRAM (MD5)          - $postgres$postgres*f0784ea5*2091bb7d4725d1ca85e8de6ec349baf6\n11600 - 7-Zip    -                     - $7z$0$19$0$salt$8$f6196259a7326e3f0000000000000000$185065650$112$98$f3bc2a88062c419a25acd40c0c2d75421cf23263f69c51b13f9b1aada41a8a09f9adeae45d67c60b56aad338f20c0dcc5eb811c7a61128ee0746f922cdb9c59096869f341c7a9cb1ac7bb7d771f546b82cf4e6f11a5ecd4b61751e4d8de66dd6e2dfb5b7d1022d2211e2d66ea1703f96<\/pre>\n<p>&nbsp;<\/p>\n<h2><span class=\"tlid-translation translation\"><span title=\"\">Specifikke hashtyper<\/span><\/span><\/h2>\n<pre><span class=\"tlid-translation translation\"><span title=\"\">Mode Navn           Eksempler<\/span><\/span>\n  12 - PostgreSQL - a6343a68d964ca596d9752250d54bb8a:postgres\n  21 - osCommerce - 374996a5e8a5e57fd97d893f7df79824:36\n 132 - MSSQL      - 0x010018102152f8f28c8499d8ef263c53f8be369d799f931b2fbe\n1722 - OSX v10.7  - 648742485c9b0acd786a233b2330197223118111b481abfa0ab8b3e8ede5f014fc7c523991c007db6882680b09962d16fd9c45568260531bdb34804a5e31c22b4cfeb32d\n<\/pre>\n<p>&nbsp;<\/p>\n<p>Fuld liste her <a href=\"https:\/\/hashcat.net\/wiki\/doku.php?id=example_hashes\">https:\/\/hashcat.net\/wiki\/doku.php?id=example_hashes<\/a><\/p>\n<p>Anden parameter er <strong>-a <\/strong>den beskriver hvilken mode du vil bruge.<\/p>\n<h2>Mode<\/h2>\n<ul>\n<li>-a 0 O<span class=\"tlid-translation translation\"><span title=\"\">rdbog angreb<\/span><\/span>.<\/li>\n<li>-a 1<span lang=\"da\"> kombination. <\/span><\/li>\n<li>-a 3 Bruce force.<\/li>\n<li>-a 6 Hybrid ordliste.<\/li>\n<li>-a 7 Hybrid mask + ordliste.<\/li>\n<li>-a 8 Du vil ikke vide det.<br \/><br \/>\u00a0<\/li>\n<\/ul>\n<p>Der er 8 modes som beskriver hvilken type attack som skal bruges. Og jeg vil forklare et par stykker her. Der er et problem n\u00e5r man skal bruge hashcat, da man normalt ikke ved hvor langt det password er som man vil cracke er. Derfor er der indbygget, en mulighed som g\u00f8r at man kan give hashcat en min og max l\u00e6nge p\u00e5 det password man vil finde.<\/p>\n<p>-a 3 S\u00e6tter attack til mask mode. d.v.s du beskriver med en maske hvordan password er opbygget. Her er et eksempel p\u00e5 en maske.<\/p>\n<p>?a<\/p>\n<p>?a betyder ?l?u?d?s eller n\u00e6sten alle normale tegn som du kan se i tabellen. Og da vi har 8 stk af dem betyder at det password som vi vil crack er 8 tegn langt, og det er et problem hvis det password som man vil finde har en anden l\u00e6nge en 8 tegn. Her med MD5 hash. hash.txt er filen som inden holder hash v\u00e6rdierne.<\/p>\n<pre>$ hashcat -m 0 -a 3 hash.txt ?a?a?a?a?a?a?a?a<\/pre>\n<p>S\u00e5 der er en mulighed mere.<\/p>\n<p>&#8211;increment beskriver at password l\u00e6ngden ikker er en fixed l\u00e6ngde.<br \/>&#8211;increment-min beskriver min l\u00e6nge p\u00e5 password.<br \/>&#8211;increment-max beskriver max l\u00e6nge p\u00e5 password.<\/p>\n<p class=\"code\">S\u00e5 i dette eksempel er min l\u00e6nge p\u00e5 2 tegn og max p\u00e5 6 tegn. Her igen med MD5 hash.<\/p>\n<p><code>$ hashcat -m 0 -a 3\u00a0--increment --increment-min 4 --increment-max 6 md5_hash.txt ?a?a?a?a?a?a?a?a<\/code><\/p>\n<p>For at crack Unix password skal du eksempelvis bruge denne hvis du ved at password er 9 tegn langt og Mode (-m) er 1800 for <span style=\"color: #000000; font-family: 'Lucida Grande', Verdana, Lucida, Helvetica, Arial, sans-serif; font-size: 12.8px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: justify; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: #ffffff; text-decoration-style: initial; text-decoration-color: initial; display: inline !important; float: none;\">sha512crypt som eks Linux bruger.<\/span><\/p>\n<pre>$ hashcat -m 1800 -a 3 hash.txt ?a?a?a?a?a?a?a?a?a --show<\/pre>\n<p>Output:<\/p>\n<pre>Session..........: hashcat\nStatus...........: Running\nHash.Type........: sha512crypt $6$, SHA512 (Unix)\nHash.Target......: <strong>$6$uezcMxLS$2ldfhX1Mr8Fm\/CxUpSqKG6ptZUs6E.dAgygWjDx...oYgAN\/<\/strong>\nTime.Started.....: Sun Dec  9 19:48:01 2018 (4 mins, 1 sec)\nTime.Estimated...: Next Big Bang (3879262 years, 64 days)\nGuess.Mask.......: ?a?a?a?a?a?a?a?a?a [9]\nGuess.Queue......: 1\/1 (100.00%)\nSpeed.Dev.#1.....:     1330 H\/s (9.93ms)\nRecovered........: 0\/1 (0.00%) Digests, 0\/1 (0.00%) Salts\nProgress.........: 323072\/630249409724609375 (0.00%)\nRejected.........: 0\/323072 (0.00%)\nRestore.Point....: 3072\/6634204312890625 (0.00%)\nCandidates.#1....: @jylerine -&gt; @,ANANANE\nHWMon.Dev.#1.....: N\/A\n\n<\/pre>\n<p><strong>Hash.Target<\/strong> vist i eksemplet ovenfor er password feltet fra shadow file.<\/p>\n<p>Og du kan ogs\u00e5 det da det kommer til at tage et stykke tid. 15012232 years, 86 days i v\u00e6rste fadt. Og s\u00e5 kan man lige s\u00e5 godt finde p\u00e5 en anden l\u00f8sning. S\u00e5 derfor kommer vi ind p\u00e5 dictary attack i stedet for Bruce force som -a 3 betyder.<\/p>\n<p><span class=\"tlid-translation translation\"><span title=\"\">Hvis du bruger hashcat med et Dictionary-angreb (-a 0), kan du angive flere ordb\u00f8ger p\u00e5 kommandolinjen som denne: <\/span><\/span><\/p>\n<p>Her igen med MD5 hash<\/p>\n<pre>$ hashcat -m 0 -a 0 hash.txt dict1.txt dict2.txt dict3.txt\n\n<\/pre>\n<p>Du kan ogs\u00e5 angive et dir som ordbog:<\/p>\n<pre>$ hashcat -m 0 -a 0 hash.txt ..\/dicdir\/*.dict\n\nEller\n\n$ hashcat -m 0 -a 0 hash.txt ..\/dicdir<\/pre>\n<p>I dette eksempel er det dicdir som bruges. S\u00e5 bruger den alle filer i det directory.<\/p>\n<p>Indbygget tegns\u00e6t<\/p>\n<ul>\n<li class=\"level1\">\n<div class=\"li\">?l = abcdefghijklmnopqrstuvwxyz<\/div>\n<\/li>\n<li class=\"level1\">\n<div class=\"li\">?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ<\/div>\n<\/li>\n<li class=\"level1\">\n<div class=\"li\">?d = 0123456789<\/div>\n<\/li>\n<li class=\"level1\">\n<div class=\"li\">?h = 0123456789abcdef<\/div>\n<\/li>\n<li class=\"level1\">\n<div class=\"li\">?H = 0123456789ABCDEF<\/div>\n<\/li>\n<li class=\"level1\">\n<div class=\"li\">?s = \u00abspace\u00bb!&#8221;#$%&amp;'()*+,-.\/:;&lt;=&gt;?@[\\]^_`{|}~<\/div>\n<\/li>\n<li class=\"level1\">\n<div class=\"li\">?a = ?l?u?d?s<\/div>\n<\/li>\n<li class=\"level1\">\n<div class=\"li\">?b = 0x00 &#8211; 0xff<br \/>\u00a0<\/div>\n<\/li>\n<\/ul>\n<p>Eksempler p\u00e5 mask.<\/p>\n<p>-1 ?dabcdef space: 0123456789abcdef<\/p>\n<p>-l ?l?d -l ?l1234567890<\/p>\n<p>-l loweralpha_numeric.hcchr # fil som indenholder alle tal + alle normale tegn.<\/p>\n<p>-a 3 ?l?l?l?l?l?l?l?l<\/p>\n<p>space: aaaaaaaa &#8211; zzzzzzzz<\/p>\n<p>-a 3 -1 ?l?d ?1?1?1?1?1<\/p>\n<p class=\"code\">space: aaaaa &#8211; 99999<\/p>\n<p>-a 3 password?d space: password0 &#8211; password9 -a 3 -1 efghijklmnop ?1?1?1 space: eee &#8211; ppp<\/p>\n<p>Et mask attack er altid beskrevet i l\u00e6ngde. Eks. hvis vi bruger en mask som &#8220;?l?l?l?l?l?l?l?l&#8221; s\u00e5 kan den kun finde password som er 8 tegn langt.<\/p>\n<p>Og hvis det password som vi vil cracke er 7 tegn langt, vil vi ikke finde det. Derfor skal vi k\u00f8re flere l\u00f8kker over l\u00e6ngden af passwordet, hvor hver gemmen l\u00f8b skal g\u00f8re l\u00e6ngden l\u00e6ngere.<\/p>\n<h2 id=\"built-in_charsets\" class=\"sectionedit7\">Download den nyeste version <a href=\"https:\/\/hashcat.net\/hashcat\/\">her<\/a><\/h2>\n<p>hash type list <a href=\"https:\/\/hashcat.net\/wiki\/doku.php?id=example_hashes\">https:\/\/hashcat.net\/wiki\/doku.php?id=example_hashes<\/a><\/p>\n<p>Du kan l\u00e6se meget mere om Hashcat <a href=\"https:\/\/hashcat.net\/wiki\/\">her<\/a><\/p>\n<div id=\"features-algos\" class=\"section\">\n<h2><span title=\"\">F\u00f8lgende algoritmer er underst\u00f8ttet<\/span><\/h2>\n<ul>\n<li>MD4<\/li>\n<li>MD5<\/li>\n<li>Half MD5<\/li>\n<li>SHA1<\/li>\n<li>SHA2-224<\/li>\n<li>SHA2-256<\/li>\n<li>SHA2-384<\/li>\n<li>SHA2-512<\/li>\n<li>SHA3-224<\/li>\n<li>SHA3-256<\/li>\n<li>SHA3-384<\/li>\n<li>SHA3-512<\/li>\n<li>Keccak-224<\/li>\n<li>Keccak-256<\/li>\n<li>Keccak-384<\/li>\n<li>Keccak-512<\/li>\n<li>BLAKE2b-512<\/li>\n<li>SipHash<\/li>\n<li>RIPEMD-160<\/li>\n<li>Whirlpool<\/li>\n<li>GOST R 34.11-94<\/li>\n<li>GOST R 34.11-2012 (Streebog) 256-bit<\/li>\n<li>GOST R 34.11-2012 (Streebog) 512-bit<\/li>\n<li>md5($pass.$salt)<\/li>\n<li>md5($salt.$pass)<\/li>\n<li>md5(utf16le($pass).$salt)<\/li>\n<li>md5($salt.utf16le($pass))<\/li>\n<li>md5($salt.$pass.$salt)<\/li>\n<li>md5($salt.md5($pass))<\/li>\n<li>md5($salt.md5($salt.$pass))<\/li>\n<li>md5($salt.md5($pass.$salt))<\/li>\n<li>md5(md5($pass))<\/li>\n<li>md5(md5($pass).md5($salt))<\/li>\n<li>md5(strtoupper(md5($pass)))<\/li>\n<li>md5(sha1($pass))<\/li>\n<li>sha1($pass.$salt)<\/li>\n<li>sha1($salt.$pass)<\/li>\n<li>sha1(utf16le($pass).$salt)<\/li>\n<li>sha1($salt.utf16le($pass))<\/li>\n<li>sha1(sha1($pass))<\/li>\n<li>sha1($salt.sha1($pass))<\/li>\n<li>sha1(md5($pass))<\/li>\n<li>sha1($salt.$pass.$salt)<\/li>\n<li>sha1(CX)<\/li>\n<li>sha256($pass.$salt)<\/li>\n<li>sha256($salt.$pass)<\/li>\n<li>sha256(utf16le($pass).$salt)<\/li>\n<li>sha256($salt.utf16le($pass))<\/li>\n<li>sha512($pass.$salt)<\/li>\n<li>sha512($salt.$pass)<\/li>\n<li>sha512(utf16le($pass).$salt)<\/li>\n<li>sha512($salt.utf16le($pass))<\/li>\n<li>HMAC-MD5 (key = $pass)<\/li>\n<li>HMAC-MD5 (key = $salt)<\/li>\n<li>HMAC-SHA1 (key = $pass)<\/li>\n<li>HMAC-SHA1 (key = $salt)<\/li>\n<li>HMAC-SHA256 (key = $pass)<\/li>\n<li>HMAC-SHA256 (key = $salt)<\/li>\n<li>HMAC-SHA512 (key = $pass)<\/li>\n<li>HMAC-SHA512 (key = $salt)<\/li>\n<li>DES (PT = $salt, key = $pass)<\/li>\n<li>3DES (PT = $salt, key = $pass)<\/li>\n<li>Skip32 (PT = $salt, key = $pass)<\/li>\n<li>ChaCha20<\/li>\n<li>phpass<\/li>\n<li>scrypt<\/li>\n<li>PBKDF2-HMAC-MD5<\/li>\n<li>PBKDF2-HMAC-SHA1<\/li>\n<li>PBKDF2-HMAC-SHA256<\/li>\n<li>PBKDF2-HMAC-SHA512<\/li>\n<li>Skype<\/li>\n<li>WPA-EAPOL-PBKDF2<\/li>\n<li>WPA-EAPOL-PMK<\/li>\n<li>WPA-PMKID-PBKDF2<\/li>\n<li>WPA-PMKID-PMK<\/li>\n<li>iSCSI CHAP authentication, MD5(CHAP)<\/li>\n<li>IKE-PSK MD5<\/li>\n<li>IKE-PSK SHA1<\/li>\n<li>NetNTLMv1<\/li>\n<li>NetNTLMv1+ESS<\/li>\n<li>NetNTLMv2<\/li>\n<li>IPMI2 RAKP HMAC-SHA1<\/li>\n<li>Kerberos 5 AS-REQ Pre-Auth etype 23<\/li>\n<li>DNSSEC (NSEC3)<\/li>\n<li>CRAM-MD5<\/li>\n<li>PostgreSQL CRAM (MD5)<\/li>\n<li>MySQL CRAM (SHA1)<\/li>\n<li>SIP digest authentication (MD5)<\/li>\n<li>Kerberos 5 TGS-REP etype 23<\/li>\n<li>TACACS+<\/li>\n<li>JWT (JSON Web Token)<\/li>\n<li>SMF (Simple Machines Forum) &gt; v1.1<\/li>\n<li>phpBB3 (MD5)<\/li>\n<li>vBulletin &lt; v3.8.5<\/li>\n<li>vBulletin &gt;= v3.8.5<\/li>\n<li>MyBB 1.2+<\/li>\n<li>IPB2+ (Invision Power Board)<\/li>\n<li>WBB3 (Woltlab Burning Board)<\/li>\n<li>Joomla &lt; 2.5.18<\/li>\n<li>Joomla &gt;= 2.5.18 (MD5)<\/li>\n<li>WordPress (MD5)<\/li>\n<li>PHPS<\/li>\n<li>Drupal7<\/li>\n<li>osCommerce<\/li>\n<li>xt:Commerce<\/li>\n<li>PrestaShop<\/li>\n<li>Django (SHA-1)<\/li>\n<li>Django (PBKDF2-SHA256)<\/li>\n<li>Tripcode<\/li>\n<li>MediaWiki B type<\/li>\n<li>OpenCart<\/li>\n<li>Redmine<\/li>\n<li>PunBB<\/li>\n<li>Atlassian (PBKDF2-HMAC-SHA1)<\/li>\n<li>PostgreSQL<\/li>\n<li>MSSQL (2000)<\/li>\n<li>MSSQL (2005)<\/li>\n<li>MSSQL (2012, 2014)<\/li>\n<li>MySQL323<\/li>\n<li>MySQL4.1\/MySQL5<\/li>\n<li>Oracle H: Type (Oracle 7+)<\/li>\n<li>Oracle S: Type (Oracle 11+)<\/li>\n<li>Oracle T: Type (Oracle 12+)<\/li>\n<li>Sybase ASE<\/li>\n<li>Episerver 6.x &lt; .NET 4<\/li>\n<li>Episerver 6.x &gt;= .NET 4<\/li>\n<li>Apache $apr1$ MD5, md5apr1, MD5 (APR)<\/li>\n<li>ColdFusion 10+<\/li>\n<li>hMailServer<\/li>\n<li>nsldap, SHA-1(Base64), Netscape LDAP SHA<\/li>\n<li>nsldaps, SSHA-1(Base64), Netscape LDAP SSHA<\/li>\n<li>SSHA-256(Base64), LDAP {SSHA256}<\/li>\n<li>SSHA-512(Base64), LDAP {SSHA512}<\/li>\n<li>CRAM-MD5 Dovecot<\/li>\n<li>FileZilla Server &gt;= 0.9.55<\/li>\n<li>CRC32<\/li>\n<li>LM<\/li>\n<li>NTLM<\/li>\n<li>Domain Cached Credentials (DCC), MS Cache<\/li>\n<li>Domain Cached Credentials 2 (DCC2), MS Cache 2<\/li>\n<li>DPAPI masterkey file v1<\/li>\n<li>DPAPI masterkey file v2<\/li>\n<li>MS-AzureSync PBKDF2-HMAC-SHA256<\/li>\n<li>descrypt, DES (Unix), Traditional DES<\/li>\n<li>BSDi Crypt, Extended DES<\/li>\n<li>md5crypt, MD5 (Unix), Cisco-IOS $1$ (MD5)<\/li>\n<li>bcrypt $2*$, Blowfish (Unix)<\/li>\n<li>sha256crypt $5$, SHA256 (Unix)<\/li>\n<li>sha512crypt $6$, SHA512 (Unix)<\/li>\n<li>macOS v10.4, MacOS v10.5, MacOS v10.6<\/li>\n<li>macOS v10.7<\/li>\n<li>macOS v10.8+ (PBKDF2-SHA512)<\/li>\n<li>AIX {smd5}<\/li>\n<li>AIX {ssha1}<\/li>\n<li>AIX {ssha256}<\/li>\n<li>AIX {ssha512}<\/li>\n<li>Cisco-PIX MD5<\/li>\n<li>Cisco-ASA MD5<\/li>\n<li>Cisco-IOS $1$ (MD5)<\/li>\n<li>Cisco-IOS type 4 (SHA256)<\/li>\n<li>Cisco-IOS $8$ (PBKDF2-SHA256)<\/li>\n<li>Cisco-IOS $9$ (scrypt)<\/li>\n<li>Juniper NetScreen\/SSG (ScreenOS)<\/li>\n<li>Juniper IVE<\/li>\n<li>Juniper\/NetBSD sha1crypt<\/li>\n<li>FortiGate (FortiOS)<\/li>\n<li>Samsung Android Password\/PIN<\/li>\n<li>Windows Phone 8+ PIN\/password<\/li>\n<li>Citrix NetScaler<\/li>\n<li>RACF<\/li>\n<li>GRUB 2<\/li>\n<li>Radmin2<\/li>\n<li>ArubaOS<\/li>\n<li>SAP CODVN B (BCODE)<\/li>\n<li>SAP CODVN F\/G (PASSCODE)<\/li>\n<li>SAP CODVN H (PWDSALTEDHASH) iSSHA-1<\/li>\n<li>Lotus Notes\/Domino 5<\/li>\n<li>Lotus Notes\/Domino 6<\/li>\n<li>Lotus Notes\/Domino 8<\/li>\n<li>PeopleSoft<\/li>\n<li>PeopleSoft PS_TOKEN<\/li>\n<li>7-Zip<\/li>\n<li>RAR3-hp<\/li>\n<li>RAR5<\/li>\n<li>AxCrypt<\/li>\n<li>AxCrypt in-memory SHA1<\/li>\n<li>WinZip<\/li>\n<li>iTunes backup &lt; 10.0<\/li>\n<li>iTunes backup &gt;= 10.0<\/li>\n<li>TrueCrypt<\/li>\n<li>Android FDE &lt;= 4.3<\/li>\n<li>Android FDE (Samsung DEK)<\/li>\n<li>eCryptfs<\/li>\n<li>VeraCrypt<\/li>\n<li>LUKS<\/li>\n<li>FileVault 2<\/li>\n<li>MS Office &lt;= 2003<\/li>\n<li>MS Office 2007<\/li>\n<li>MS Office 2010<\/li>\n<li>MS Office 2013<\/li>\n<li>PDF 1.1 &#8211; 1.3 (Acrobat 2 &#8211; 4)<\/li>\n<li>PDF 1.4 &#8211; 1.6 (Acrobat 5 &#8211; 8)<\/li>\n<li>PDF 1.7 Level 3 (Acrobat 9)<\/li>\n<li>PDF 1.7 Level 8 (Acrobat 10 &#8211; 11)<\/li>\n<li>Apple Secure Notes<\/li>\n<li>Password Safe v2<\/li>\n<li>Password Safe v3<\/li>\n<li>LastPass + LastPass sniffed<\/li>\n<li>1Password, agilekeychain<\/li>\n<li>1Password, cloudkeychain<\/li>\n<li>Bitcoin\/Litecoin wallet.dat<\/li>\n<li>Blockchain, My Wallet<\/li>\n<li>Blockchain, My Wallet, V2<\/li>\n<li>Electrum Wallet (Salt-Type 1-3)<\/li>\n<li>KeePass 1 (AES\/Twofish) and KeePass 2 (AES)<\/li>\n<li>JKS Java Key Store Private Keys (SHA1)<\/li>\n<li>Ethereum Wallet, PBKDF2-HMAC-SHA256<\/li>\n<li>Ethereum Wallet, SCRYPT<\/li>\n<li>Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256<\/li>\n<li>Ansible Vault<\/li>\n<li>TOTP (HMAC-SHA1)<\/li>\n<li>Plaintext<\/li>\n<\/ul>\n<\/div>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>F\u00f8rste parameter er -m den beskriver hvilken hash mode\/type som skal bruges. Der er over 200 og flere kommer til. Hvilken type du skal bruge bestemmes af hvilken type password du skal finde. S\u00e5 derfor er det vigtigt at finde typen af hash som bliver brugt inden du g\u00e5r i gang. Nogle hash har signaturer, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_sitemap_exclude":false,"_sitemap_priority":"","_sitemap_frequency":"","footnotes":""},"categories":[8,7],"tags":[],"class_list":["post-151","post","type-post","status-publish","format-standard","hentry","category-shell","category-sikkerhed"],"a3_pvc":{"activated":false,"total_views":0,"today_views":0},"_links":{"self":[{"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=\/wp\/v2\/posts\/151","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=151"}],"version-history":[{"count":0,"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=\/wp\/v2\/posts\/151\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=151"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=151"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=151"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}