Password Hash Cracking
Hash Identification
NTLM HELP

custom rules

Online cracking
Perform this as part of the methodology

  1. Start by copying a small set of passwords to a test file (head takes the first 10 lines of rockyou.txt):
head /usr/share/wordlists/rockyou.txt > pass.txt

Add the number 1 to the end of each word with the $ (append) function:

$1

Capitalize with c (c uppercases the first character and lowercases the rest); functions on one line are applied left to right, so this appends 1 and then capitalizes:

$1 c

or, to apply several rules separately, put each on its own line (every line of a rule file is an independent rule, and hashcat applies each line to every word, so three lines give three candidates per word):

$1
c
$1 c

Add a special character to the end of each word, in this case !:

$1 c $!

Add further rules to apply more numbers and characters:

$1 c $!
$2 c $!
$1 $2 $3 c $!

Save the file as a .rule file (standard hashcat rule file), e.g. mycustom.rule.

Confirm the rule works against the test password file with hashcat (--stdout prints the mutated candidates instead of cracking anything):

hashcat -r mycustom.rule --stdout pass.txt

Use the custom rule to crack hashes with hashcat (here -m 0, MD5; --force only suppresses hashcat's warnings, so leave it out when hashcat runs without it):

hashcat -m 0 crackme.txt /usr/share/wordlists/rockyou.txt -r mycustom.rule --force

Use the custom rule to create a dictionary file (from the first 10000 lines of rockyou.txt) if a pre-mutated wordlist is needed, e.g. for a tool that cannot apply rules itself:

head -n10000 /usr/share/wordlists/rockyou.txt > rockyou10000.txt
hashcat -r mycustom.rule --stdout rockyou10000.txt | tee mutated.txt
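To check what a rule file will do before spending GPU time on it, the following added example (not part of the original notes, and not hashcat's own code) emulates the subset of hashcat rule syntax used in the steps above: $X append, ^X prepend, c capitalize, l/u lowercase/uppercase, t toggle case, r reverse, d duplicate and : no-op. As with hashcat --stdout, every rule line is applied independently to every word, spaces between functions are ignored, and lines starting with # are comments. The rule text and the two sample words are constructed stand-ins for mycustom.rule and pass.txt.

```python
"""Minimal emulator for a subset of hashcat rule syntax (added example)."""

from typing import Callable, Dict, List

RuleFunc = Callable[[str], str]

# Single-character functions with no argument (hashcat semantics).
_SIMPLE: Dict[str, RuleFunc] = {
    ":": lambda w: w,                            # no-op
    "l": str.lower,                              # lowercase all
    "u": str.upper,                              # uppercase all
    "c": lambda w: w[:1].upper() + w[1:].lower(),  # capitalize first, lower rest
    "t": str.swapcase,                           # toggle case of every char
    "r": lambda w: w[::-1],                      # reverse
    "d": lambda w: w + w,                        # duplicate
}


def parse_rule(line: str) -> List[RuleFunc]:
    """Turn one rule line such as '$1 c $!' into an ordered list of functions."""
    funcs: List[RuleFunc] = []
    i = 0
    while i < len(line):
        ch = line[i]
        if ch == " ":            # whitespace between functions is ignored
            i += 1
            continue
        if ch in "$^":           # $X appends X, ^X prepends X
            if i + 1 >= len(line):
                raise ValueError(f"{ch!r} needs a character argument: {line!r}")
            arg = line[i + 1]
            if ch == "$":
                funcs.append(lambda w, a=arg: w + a)
            else:
                funcs.append(lambda w, a=arg: a + w)
            i += 2
            continue
        if ch not in _SIMPLE:
            raise ValueError(f"unsupported rule function {ch!r} in {line!r}")
        funcs.append(_SIMPLE[ch])
        i += 1
    return funcs


def parse_rule_file(text: str) -> List[List[RuleFunc]]:
    """One rule per non-empty, non-comment line (trailing newline stripped only,
    so a rule like '$ ' that appends a space survives)."""
    rules = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        rules.append(parse_rule(raw))
    return rules


def apply_rules(rule_text: str, words: List[str]) -> List[str]:
    """Emulate `hashcat -r rules --stdout words`: every word gets every rule."""
    rules = parse_rule_file(rule_text)
    out: List[str] = []
    for word in words:
        for funcs in rules:
            candidate = word
            for f in funcs:
                candidate = f(candidate)
            out.append(candidate)
    return out


# Constructed rule file: the rules built up in the steps above.
MYCUSTOM_RULE = """\
# mycustom.rule (constructed for this example)
$1
c
$1 c
$1 c $!
$2 c $!
$1 $2 $3 c $!
"""

# Constructed stand-in for pass.txt.
SAMPLE_WORDS = ["password", "summer"]


def demo() -> List[str]:
    """Return the candidates the constructed rule file produces for SAMPLE_WORDS."""
    return apply_rules(MYCUSTOM_RULE, SAMPLE_WORDS)


if __name__ == "__main__":
    for cand in demo():
        print(cand)
```

Running it prints 12 candidates (2 words x 6 rules), which is the same count hashcat --stdout would report; the emulator is only meant to sanity-check rule syntax and candidate volume, so use hashcat --stdout for the authoritative output.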

NTLM

hashcat -m 1000 file.hash /usr/share/wordlists/rockyou.txt

Perform this step if the hash is unfamiliar or unknown

NTLM + rules

hashcat -m 1000 file.hash /usr/share/wordlists/rockyou.txt -r /usr/share/hashcat/rules/rockyou-30000.rule

Kerberoast (TGS-REP)

hashcat -m 13100 tgs-rep_hash /usr/share/wordlists/rockyou.txt

AS-REP roast

hashcat -m 18200 hashes.asreproast /usr/share/wordlists/rockyou.txt

Group Policy Password

gpp-decrypt "+bsY0V3d4/KgX3VJdO/vyepPfAN1zMFTiQDApgR92JE"

SSH Passphrase

ssh2john id_rsa > id_rsa.hash
john --wordlist=/usr/share/wordlists/rockyou.txt id_rsa.hash

Unshadow

unshadow passwd.txt shadow.txt > unshadowed.txt
john --wordlist=/usr/share/wordlists/rockyou.txt unshadowed.txt

Keepass

keepass2john Database.kdbx > kdbxhash.john

Remove the leading text Database: from the content of the file (keepass2john prefixes the hash with the database name)

john --wordlist=/usr/share/wordlists/rockyou.txt kdbxhash.john

Windows standard

Other files/hashes

Identify an unknown hash with one of:

https://cyberchef.io/
hash-identifier
hashid '0814b6b7f0de51ecf54ca5b6e6e612bf'

Search the web for the service name together with "password decryptor" to find format-specific tools.
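hashid and hash-identifier answer from length, character set and prefix, which is why a bare 32-hex-character string like the one above comes back ambiguous: MD5 (-m 0) and NTLM (-m 1000) look identical, and only the source of the hash tells them apart. The added example below (not part of the original notes, and not hashid's code) does the same classification for the hash types used on this page and returns every plausible (name, hashcat mode) pair instead of one guess; the pwdump line and the crypt/Kerberos strings in the test are constructed samples, and the NT and LM values in the pwdump line are the well-known empty-password hashes.

```python
"""Format guesser for the hash types on this page (added example)."""

import re
from typing import Dict, List, Tuple

Guess = Tuple[str, int]  # (human name, hashcat -m mode)

# Unsalted hex digests: the length alone cannot separate MD5 from NTLM.
HEX_LENGTHS: Dict[int, List[Guess]] = {
    32: [("MD5", 0), ("NTLM", 1000)],
    40: [("SHA-1", 100)],
    64: [("SHA-256", 1400)],
    128: [("SHA-512", 1700)],
}

# Self-describing formats: the prefix identifies the algorithm.
PREFIXES: List[Tuple[str, str, int]] = [
    ("$krb5tgs$23$", "Kerberos 5 TGS-REP etype 23 (Kerberoast)", 13100),
    ("$krb5asrep$23$", "Kerberos 5 AS-REP etype 23", 18200),
    ("$6$", "sha512crypt ($6$, /etc/shadow)", 1800),
    ("$5$", "sha256crypt ($5$, /etc/shadow)", 7400),
    ("$1$", "md5crypt ($1$)", 500),
    ("$2a$", "bcrypt", 3200),
    ("$2b$", "bcrypt", 3200),
    ("$2y$", "bcrypt", 3200),
]

# pwdump-style line: user:rid:LMhash:NThash:::  -> crack the NT field with -m 1000
PWDUMP = re.compile(r"^[^:]+:\d+:[0-9a-fA-F]{32}:[0-9a-fA-F]{32}:::$")


def guess_hash_type(h: str) -> List[Guess]:
    """Return every plausible (name, mode) for one hash string; [] if unknown."""
    h = h.strip()
    if PWDUMP.match(h):
        return [("NTLM (pwdump line, NT hash field)", 1000)]
    for prefix, name, mode in PREFIXES:
        if h.startswith(prefix):
            return [(name, mode)]
    if re.fullmatch(r"[0-9a-fA-F]+", h):
        return list(HEX_LENGTHS.get(len(h), []))
    return []


def split_by_mode(text: str) -> Dict[int, List[str]]:
    """Group the lines of a mixed hash dump by the hashcat mode to run them with.
    Ambiguous lines (MD5 vs NTLM) are listed under every candidate mode, so
    each group can be tried with one hashcat invocation."""
    groups: Dict[int, List[str]] = {}
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        for _name, mode in guess_hash_type(line):
            groups.setdefault(mode, []).append(line)
    return groups


if __name__ == "__main__":
    # The hash from the hashid example above.
    for name, mode in guess_hash_type("0814b6b7f0de51ecf54ca5b6e6e612bf"):
        print(f"{name}: hashcat -m {mode}")
```

Treat the output as a shortlist, not a verdict: a hash pulled from a Windows SAM dump is NTLM regardless of what the string looks like, and a web-app export of the same shape is almost certainly MD5, so record where each hash came from when collecting it.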