Hash Crack Central - Hash Cracking Manual & Lab

Hash Cracking Manual & Lab (Educational Use Only)

Authorized use only.

This lab is for CTFs, training, and permitted assessments. It never performs cracking or network calls—it helps you plan and understand attacks and defenses.

Identify a hash

Paste a hash to get heuristic type guesses with cracking and defense hints.

Plan an attack

Estimate keyspace and time based on charset, length, and hash speeds.

Build commands

Generate hashcat, John, and Medusa (lab only) commands with guidance.

Read the manual

Structured guidance on hashes, wordlists, rules, techniques, and ethics.

Hash Identifier (Heuristic)

Paste a hash to identify

Hash input

Offline heuristic only. No network calls. Results are best-effort.

Possible hash types

Results will appear here after analysis.

Common Hash Types & Hashcat Modes

Hash Type	Hashcat Mode	Example Hash	Length
MD5	`0`	`5f4dcc3b5aa765d61d8327deb882cf99`	32 hex
SHA1	`100`	`5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8`	40 hex
SHA256	`1400`	`5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8`	64 hex
SHA512	`1700`	`b109f3bbbc...`	128 hex
NTLM	`1000`	`b4b9b02e6f09a9bd760f388b67351e2b`	32 hex
bcrypt	`3200`	`$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy`	60 chars
Linux SHA512	`1800`	`$6$rounds=5000$...`	Variable
WPA/WPA2	`22000`	PMKID/EAPOL format	Variable
Kerberos 5 TGS	`13100`	`$krb5tgs$23$...`	Variable
NetNTLMv2	`5600`	`admin::N46iSNekpT:08ca45...`	Variable

Attack Planner & Time Estimator

Estimate effort

Hash type

Attack mode

Character set Lowercase Uppercase Digits Symbols

Password length

or

Provide an exact length or a min/max range.

Hash speed (H/s)

Use realistic speeds: memory-hard hashes are far slower than fast hashes.

Estimates

Enter parameters and calculate to see keyspace and estimated time.

Tool Command Builders

hashcat builder

Hash file

Wordlist

Hash mode

Attack mode

Mask (optional)

Rules file (optional)

Output file (optional)

Mask is used when attack mode supports it. Rules are applied to wordlist-based modes.

Generated command

hashcat -m 0 -a 0 hashes.txt rockyou.txt

Reference: Attack Modes

Dictionary (-a 0)hashcat -m 0 -a 0 hashes.txt rockyou.txt

Combinator (-a 1)hashcat -m 0 -a 1 hashes.txt wordlist1.txt wordlist2.txt

Brute Force (-a 3)hashcat -m 0 -a 3 hashes.txt ?a?a?a?a?a?a

Hybrid Wordlist + Mask (-a 6)hashcat -m 0 -a 6 hashes.txt rockyou.txt ?d?d?d

Hybrid Mask + Wordlist (-a 7)hashcat -m 0 -a 7 hashes.txt ?d?d?d rockyou.txt

John the Ripper builder

Hash file

Wordlist

Mode

Format

Use john --show to display cracked creds once complete.

Generated command

john --wordlist=rockyou.txt --format=raw-md5 hashes.txt john --show --format=raw-md5 hashes.txt

Reference: Formats

Format	Use case
`raw-md5`	Generic MD5 hashes
`raw-sha1`	Generic SHA-1 hashes
`nt`	Windows NTLM
`bcrypt`	Unix/ web app bcrypt

Medusa builder (LAB/CTF only)

Service

Target host

Username or file

Password list

Threads

Authorization required. Online login testing must be limited to lab scopes where you have explicit permission.

Generated command

medusa -h 10.10.10.10 -u admin -P rockyou.txt -M ssh -t 4

Password Cracking Manual

Hashing vs Encryption vs Encoding

Hashing is one-way for integrity/auth, encryption is two-way confidentiality, encoding is reversible representation. Defensive aim: use slow salted password hashing.

Salting & Peppering

Salts are unique per password and stored alongside hashes to defeat rainbow tables; peppers are secret server-side values to slow offline cracking if the DB leaks.

Fast vs Slow Hashes

Fast hashes (MD5, SHA1, NTLM) are GPU-friendly and crack quickly; slow hashes (bcrypt, scrypt, argon2, sha512crypt) are memory/CPU hard to resist brute force.

Offline vs Online attacks

Offline attacks target dumped hashes; speed limited by hardware. Online attacks target live services; limited by lockouts, rate limits, and authorization—stick to lab scopes.

Wordlists & Dictionaries

Wordlist	Description
rockyou.txt	Popular leaked passwords baseline
SecLists	Comprehensive lists for passwords, usernames, and more
CrackStation	Online hash lookup (defensive verification, not cracking)

Crunchcrunch 8 8 abc123 -o custom.txt

CeWLcewl -w target_words.txt https://example.com

Rules & Mutations

Rule	Meaning
`:`	No-op (keep original)
`c`	Capitalize first letter
`d`	Duplicate word
`$1`	Append "1"
`^!`	Prepend "!"

Hashcat with ruleshashcat -m 0 -a 0 hashes.txt rockyou.txt -r rules/best64.rule

Advanced Techniques & Tips

Attack progression: start with wordlist + common rules, then hybrid masks, then targeted masks.
Performance: tune work sizes, use GPU, avoid overheating, checkpoint often.
Common patterns: Season+Year, keyboard walks, l33t substitutions, suffix digits.
Tips: Backup hashes, avoid corrupting originals, log commands and results.

CrackStation

Lookup service for known hashes (defensive verification, not a cracking backend).

Hashcat Wiki

Official documentation for modes, optimizations, and rule syntax.

Legal & Ethical Disclaimer

Educational purposes only.

Use solely for labs, CTFs, and authorized tests. Unauthorized access or cracking may be illegal and unethical. This page does not execute attacks or make network calls; it only assists planning.

Always obtain written permission.
Respect rate limits and account lockouts for any online tests.
Prefer slow, salted password hashing defensively.