Convert Password
Hashes into Plain Text
Tool that we use…
• John the Ripper (John):
John the Ripper is one of the most
popular and widely used password cracking tools. It can crack various types of
hashes, including crypt, MD5, SHA-1, and more.
• Hashcat:
Hashcat is a highly efficient and flexible password cracking
tool that supports a wide variety of hash algorithms and attack modes. It is
known for its speed and versatility in cracking passwords
• Hydra:
Hydra is a fast and flexible password cracking tool that
supports various protocols such as HTTP, HTTPS, SSH, FTP, SMB, and
more. It can perform brute-force, dictionary, and hybrid attacks
John the Ripper (John)
• Syntax:
john --format=nt --wordlist=/usr/share/wordlists/rockyou.txt hash_file.txt

“nt” refers to the NTLM (NT LAN Manager) hash format commonly used in Windows
operating systems for password hashing
Hash Identification Tools:
sudo apt install hash-identifier
hash-identifier
Hashcat
• Syntax:
hashcat -m 1000 hash_file.txt /usr/share/wordlists/rockyou.txt
 if you're dealing with NTLM hashes (hash mode 1000)
 You can find all hashes modes of hashcat from the below source:
https://hashcat.net/wiki/doku.php?id=example_hashes
Hydra
• Syntax:
hydra -l john -P wordlist.txt ftp://192.168.1.100
•
•
•
-l john: This flag specifies the username to use for the attack
-P wordlist.txt: This flag specifies the path to the wordlist (dictionary) file that
Hydra will use for the attack
ftp://192.168.1.100: This part of the command specifies the target and the
protocol.