Hashing & Cracking
Last updated
Was this helpful?
Last updated
Was this helpful?
Hashing is simply passing some data through a formula that produces a result, called a hash. That hash is usually a string of characters and the hashes generated by a formula are always the same length, regardless of how much data you feed into it. (SHA,MD5,MD4,GOST)
You can use the which is a complete list of Hashcat supported hash types.
Sometimes you might have difficulties with Hashcat, try John
Basic authorization is..basic. A username and a password separated by a colon is then encoded in Base64. The screenshot below demonstrate the credentials admin:admin being sent through the Authorization header of an HTTP request.
Most of the time, authentication is made via a form posted to the web server. You can try to brute force it but watch out for CSRF. Try sending the same request twice using burp.