Password lab: prerequisites

For this lab we need hashcat and the linux shell.

  • The simplest way is to run hashcat inside docker. This will provide you with an environment that is identical to the one we used (all the examples will be exactly the same and you will be able to easily reproduce them all).
  • If you want to appreciate the performance of hashcat exploiting your GPU, then you can additionally install hashcat natively.
  • Finally, in case you are really in trouble with installing docker, an alternative solution is to run hashcat inside a virtualized linux box (e.g. virtualbox)

We give detailed instructions below.

Using Docker

This provides you with an environment that is identical to the one we used (all the examples will be exactly the same and you will be able to easily reproduce them all).

  1. Install Docker CE from here (note: hashcat does not run correctly from the Linux VM with docker already installed )
  2. Run the docker image (automatic download)
    $ docker run -it --rm secunive/security1:hashcat
    root@d1d6f933a495:~# hashcat
    Usage: hashcat [options]... hash|hashfile|hccapxfile [dictionary|mask|directory]...
    
    Try --help for more help.
    root@d1d6f933a495:~#

Note: if you experiment problems with memory in docker you can increase it from the advanced setting

Installing hashcat natively

This option will give you the highest performance, possibly exploiting your GPU, but remember that, for uniformity, all the examples will be given in the linux shell you get from docker (see above).

  • Installing on linux with apt: apt install hashcat
  • Installing on osx with homebrew: brew install hashcat
  • Installing on windows (download the latest binaries from here)

Using virtualbox

If you have troubles with docker you can still use virtualbox or any other virtualization solution. To have an image which is identical to the one in docker it is enough to install ubuntu 18:04 and run, from a shell:

sudo apt update
sudo apt install -y hashcat wget
wget https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt

How to start the lab

Go to Task 1