Passwords

hash-identifier 
hashid

john hashes.txt                  # Crack password hashes stored in hashes.txt
john --wordlist=wordlist.txt hashes.txt  # Crack passwords using a wordlist
john --rules --wordlist=wordlist.txt hashes.txt  # Apply word mangling rules to the wordlist
john --incremental hashes.txt    # Perform incremental brute force attack

john --format=md5 hashes.txt     # Specify hash type as MD5
john --format=sha256 hashes.txt  # Specify hash type as SHA256
john --format=bcrypt hashes.txt  # Specify hash type as bcrypt

john --fork=4 hashes.txt        # Run John with multiple threads (4 threads)
john --session=MySession        # Specify session name for the cracking session
john --show                     # Show cracked passwords
john --format=dynamic hashes.txt  # Detect hash type automatically

john --test hashes.txt          # Test hash cracking speed
john --make-charset=charset.txt # Generate custom character set

hashcat -m 0 hashes.txt wordlist.txt  # Crack MD5 hashes using a wordlist
hashcat -m 1000 hashes.txt wordlist.txt  # Crack SHA256 hashes using a wordlist
hashcat -m 1800 hashes.txt wordlist.txt  # Crack bcrypt hashes using a wordlist

hashcat -m 0 -a 3 hashes.txt ?a?a?a?a  # Brute force MD5 hashes using alphanumeric characters
hashcat -m 1000 -a 3 hashes.txt ?a?a?a?a?a  # Brute force SHA256 hashes using alphanumeric characters
hashcat -m 1800 -a 3 hashes.txt ?a?a?a?a?a?a  # Brute force bcrypt hashes using alphanumeric characters

hashcat -m 0 -a 0 hashes.txt wordlist.txt -r rules/best64.rule  # Apply rules from a rule file
hashcat -m 1000 -a 0 hashes.txt wordlist.txt -r rules/dive.rule  # Apply specific rules from a rule file
hashcat -m 1800 -a 0 hashes.txt wordlist.txt -r rules/combinator.rule  # Combine wordlist with wordlist

hashcat --force                    # Ignore warnings and force hash cracking
hashcat --optimized-kernel-enable # Use optimized kernel for AMD/NVIDIA GPUs
hashcat --gpu-temp-disable        # Disable temperature and fan speed checks

hashcat --benchmark   # Run a benchmark to measure hash cracking speed
hashcat --stdout      # Output hash cracking results to stdout
hashcat --help        # Display help message with all available options

zip2john protected.zip > ziphash.txt

john --format=zip ziphash.txt --wordlist=/usr/share/wordlists/rockyou.txt

fcrackzip -D -p /usr/share/wordlists/rockyou.txt 16162020_backup.zip

ssh2john id_rsa > id_rsa_hash.txt

john id_rsa_hash.txt --wordlist=/usr/share/wordlists/rockyou.txt

python3 gitea3hashcat.py <gitea.db>

import sqlite3
import base64
import sys

if len(sys.argv) != 2:
    print("Usage: python3 gitea3hashcat.py <gitea.db>")
    sys.exit(1)

try:
    con = sqlite3.connect(sys.argv[1])
    cursor = con.cursor()
    cursor.execute("SELECT passwd_hash_algo,salt,passwd FROM user")
    for row in cursor.fetchall():
        if "pbkdf2" in row[0]:
            algo, iterations, keylen = row[0].split("$")
            algo = "sha256"
        else:
            raise Exception("Unknown Algorithm")
        salt = bytes.fromhex(row[1])
        passwd = bytes.fromhex(row[2])
        salt_b64 = base64.b64encode(salt).decode("utf-8")
        passwd_b64 = base64.b64encode(passwd).decode("utf-8")
        print(f"{algo}:{iterations}:{salt_b64}:{passwd_b64}")
except Exception as e:
    print(f"Error: {e}")
    sys.exit(1)