#hashcracking — Public Fediverse posts

MD6 - The Failed SHA-3 Hash You Likely Never Heard Of

While MD6 never made it into NIST as SHA-3, it has recently made its way into a few hash cracking contests.

After a suggestion from Vavaldi from HashMob to add MD6 support to hashgen, I began working on a Pure Go MD6 port. Once that was complete, I added support for 5x common MD6 digest sizes to hashgen.

MD6 - Pure Go port
https://github.com/cyclone-github/md6

hashgen v1.3.1 - MD6 support
https://github.com/cyclone-github/hashgen

#md6 #nist #sha3 #hashcracking #hashgen #cmiyc #ctc #golang #port

Hey, fellow hash crackers! What components do you use on your hash cracking rig(s)? Do tell!

https://forum.hashpwn.net/post/11837

#hashcracking #pc #linux #server #rig #infosec #hashcat #mdxfind #jtr #hashpwn

Hey, fellow hash crackers! What components do you use on your hash cracking rig(s)? Do tell!

https://forum.hashpwn.net/post/11837

#hashcracking #pc #linux #server #rig #infosec #hashcat #mdxfind #jtr #hashpwn

Hey, fellow hash crackers! What components do you use on your hash cracking rig(s)? Do tell!

https://forum.hashpwn.net/post/11837

#hashcracking #pc #linux #server #rig #infosec #hashcat #mdxfind #jtr #hashpwn

Crack the Con 2026 launched this morning!

https://forum.hashpwn.net/post/11778

#ctc #crackthecon #CypherCon #hashcracking #contest #hashpwn #cybersecurity #infosec

Released pcfg-go — a full Go rewrite of pcfg_cracker with ~3× faster training, ~40× faster guessing, $HEX[] and multi-byte support, improved trainer parsing...

Full Details: https://forum.hashpwn.net/post/11277

#pcfg #hashcracking #trainer #guesser #wordlist #generator #hashcat #hashpwn

CsP’s @Waffle_Real just released a new tool called hashpipe, and it solves a problem many of us run into with large potfiles: messy, misidentified hash:password entries.

hashpipe automatically validates founds by recomputing them, identifying the correct algorithm, and outputting verified results in an mdxfind format.

If you maintain large cracking datasets or potfiles, this is a great way to verify and clean them up.

Details:
https://forum.hashpwn.net/post/11119

GitHub repo:
https://github.com/Cynosureprime/hashpipe

#hashcracking #hashcat #jtr #hashpipe #CsP #cynosureprime #potfile #hashpwn

New version of hashgen released.

v1.2.2

- added mode: halfmd5 -m 5100
- added mode: morsedecode

https://forum.hashpwn.net/post/89

#hashgen #md5 #halfmd5 #hashcat #morsecode #morsedecode #hashcracking #hashpwn

Looking for a language specific wordlist? We are too! Share yours with the hashpwn community.

https://forum.hashpwn.net/post/7639

#hashpwn #wordlist #hashcracking #language #hashcat #jtr #dict #dictionary

Crackmon, a crack rate monitor for hashcat, now supports mdxfind in PR11.

Example: stop current attack if <100 cracks / 5 minutes.

crackmon -t 5 -c 100 hashcat {hashcat args}
or
crackmon -t 5 -c 100 mdxfind {mdxfind args}

https://forum.hashpwn.net/post/6138

#hashcat #mdxfind #hashcracking #hashpwn

🚀 New Release: hashgen v1.2.0

Big update packed with new features:

• Added 22 new modes: MySQL5, phpass, md5crypt, sha256crypt, sha512crypt, WordPress bcrypt-HMAC-SHA384 (wpbcrypt), base32 encode/decode, plus multiple hashcat modes including salted algos
• Updated yescrypt defaults to match Debian 12
• Read full changelog:
https://forum.hashpwn.net/post/5810

#hashgen #hashcat #infosec #golang #hashcracking #hashpwn #yescrypt #wordpressbcrypt

Since Wordpress v6.8, the default hash func produces a custom bcrypt hash: $wp$2y$10$...

More info on this custom algo, how it uses hmac-sha384, and how to crack them with hashcat.

https://forum.hashpwn.net/post/4205

#wordpress #bcrypt #wpbcrypt #hashcracking #hashpwn #hashgen #hashcat

Did you know, John the Ripper can use hashcat rules?

Unlike hashcat’s simple -r flag, JtR requires some manual setup in a conf file. @freeroute posted a step-by-step guide explaining how to do this.

https://forum.hashpwn.net/post/2718

#jtr #john #JohnTheRipper #hashcat #rules #hashcracking #infosec #howto #hashpwn

So atom, main developer of @hashcat, used the "rapid prototyping in Python" plugin of the new "assimilation bridge" in the new hashcat 7¹, with some success in our DEF CON password CTF win this past weekend (hosted by @jabbercracky).

Afterwards, atom realized it would make a good case study for how to use the new feature, so he wrote it up:

https://hashcat.net/forum/thread-13346.html

If you do exploration of mystery hash types (either for CTFs, or in the real world) ... this approach should absolutely be in your toolbox.

¹Note that some work was done during the contest to make the Python bridge plugin better for these use cases; next minor release of 7 will have it, or grab hashcat.net/beta/ or the latest GitHub main branch.

#PasswordCracking #HashCracking
#hashcat #hashcat7

Great game to all who played on both Competitive and Casual in this year's first DEF CON Jabbercracky, and congrats to team hashcat for 1st place, team hashmob for a close 2nd in the Competitive class.

https://forum.hashpwn.net/post/1974
https://defcon.jabbercracky.com/

#jabbercracky #defcon #hashcracking #contest #hashcat #hashmob #hashpwn

What a great Crack the Con #contest put on by #CsP! Congrats to Team #Hashmob for 1st, #Unmuddlers for 2nd, and #UNSHADE for 3rd!

https://crackthecon.com/leaderboard.php
https://forum.hashpwn.net/topic/119/crack-the-con-2025/6

#CtC #hashcracking #hashpwn

Mark your calendars for Crack the Con 2025!

https://crackthecon.com

https://forum.hashpwn.net/post/473

#CtC #CracktheCon #hashcracking #contest #CypherCon

Countdown for the next Jabbercracky hash cracking contest has begun! Mark your calendars for this weekend.

https://forum.hashpwn.net/post/390

#jabbercracky #hashcracking #competition #hashpwn #ctf #cmiyc #ctc #contest