Autocrack is python script is a Hashcat wrapper to help automate the cracking process. The script includes multiple functions to select a set of wordlists and rules, as well as the ability to run a bruteforce attack, with custom masks, before the wordlist/rule attacks.
Autocrack uses Python 3, which is usually installed already in various Linux distributions. To install Python 3 in OS X, follow the instructions here.
Also Read XSS-Payload-List : Cross Site Scripting ( XSS ) Vulnerability Payload List
Be sure to set the path variables at the beginning of the script.
usage: autocrack.py [-h] [-b NUM] [-bm BRUTEMASK]
[-cr CUSTOMRULES] [-cw CUSTOMWL] [-f] [-i INPUTFILE]
[-l LOGFILE] [-lh [LISTHASHMODE]] [-lw {all,small,custom}]
[-m HASHMODE] [-p] [-pu] [-r {all,simple,singles,combos}]
[-s] [-t WLFILTER] [-u] [-w {all,small,custom}]
[-ws WORDLISTSIZE]
optional arguments:
-h, --help show this help message and exit
-b NUM, --brute NUM Start cracking with brute force. Specify max length (1-55)
-bm BRUTEMASK, --brutemask BRUTEMASK
Character types to brute force (?a, ?u, ?l, ?s, ?d);
If only one type is specified, all positions will be
brute forced with that character type
-cr CUSTOMRULES, --customrules CUSTOMRULES
Comma separated list of rules to run; rules are run in
the order of left to right
-cw CUSTOMWL, --customwl CUSTOMWL
Comma separated list of the full path to one or more wordlists
-f, --force Pass the force parameter to Hashcat
-i INPUTFILE, --inputfile INPUTFILE
Path to file with hashes
-l LOGFILE, --logfile LOGFILE
Path to log the cracking session
-lh [LISTHASHMODE], --listhashmode [LISTHASHMODE]
List hash types and their associated mode; provide a
keyword to filter results
-lw {all,small,custom}, --listwordlists {all,small,custom}
List wordlists in BASESUPPORTFILESPATH/wordlists; -t
(filter) and -ws (wordlist size) can be used to affect
results
-m HASHMODE, --hashmode HASHMODE
Hashcat cracking algorithm
-p, --pwds Output the list of cracked passwords (for pipal
analysis)
-pu, --pwdsunique Output a uniqued list of cracked passwords
-r {all,simple,singles,combos}, --rules {all,simple,singles,combos}
Specify which hashcat set of rules to use
-s, --show Display cracked credentials
-t WLFILTER, --wlfilter WLFILTER
Filters the wordlists to only include file names that
contain the keyword
-u, --username Pass the username parameter to Hashcat
-v {0,1,2}, --verbose {0,1,2}
Specify a verbosity level: 0: Informational, 1:
Verbose, 2: Include Hashcat Output
-w {all,small,custom}, --wordlists {all,small,custom}
Specify which set of wordlists to use; "custom" uses
the -ws option to specify the maximum file size
-ws WORDLISTSIZE, --wordlistsize WORDLISTSIZE
Filter wordlists to files of a maximum number of
lines; Default = 500,000; 0 = all wordlists
Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
If you are working with Linux or writing bash scripts, one of the most common…
What is a bash case statement? A bash case statement is a way to control…
Why Do We Check Files in Bash? When writing a Bash script, you often work…