Skip to content
/ metacrack Public

Use meta data to create association attacks for Hashcat.

License

MIT license
6 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

acmesecorg/metacrack

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

193 Commits
Builds
Builds
 
 
Properties
Properties
 
 
.gitignore
.gitignore
 
 
CatalogOptions.cs
CatalogOptions.cs
 
 
CatalogPlugin.cs
CatalogPlugin.cs
 
 
ConsoleUtil.cs
ConsoleUtil.cs
 
 
CutOptions.cs
CutOptions.cs
 
 
CutPlugin.cs
CutPlugin.cs
 
 
ExportOptions.cs
ExportOptions.cs
 
 
ExportPlugin.cs
ExportPlugin.cs
 
 
HashOptions.cs
HashOptions.cs
 
 
HashPlugin.cs
HashPlugin.cs
 
 
LICENSE
LICENSE
 
 
LookupOptions.cs
LookupOptions.cs
 
 
LookupPlugin.cs
LookupPlugin.cs
 
 
MapOptions.cs
MapOptions.cs
 
 
MapPlugin.cs
MapPlugin.cs
 
 
Metacrack.csproj
Metacrack.csproj
 
 
Metacrack.csproj.user
Metacrack.csproj.user
 
 
Metacrack.sln
Metacrack.sln
 
 
ParseOptions.cs
ParseOptions.cs
 
 
ParsePlugin.cs
ParsePlugin.cs
 
 
PluginAttribute.cs
PluginAttribute.cs
 
 
PluginBase.cs
PluginBase.cs
 
 
PluginExtensions.cs
PluginExtensions.cs
 
 
PluginLoadContext.cs
PluginLoadContext.cs
 
 
Program.cs
Program.cs
 
 
README.md
README.md
 
 
RankOptions.cs
RankOptions.cs
 
 
RankPlugin.cs
RankPlugin.cs
 
 
Rules results.xlsx
Rules results.xlsx
 
 
RulesEngine.cs
RulesEngine.cs
 
 
RulesEngineExtensions.cs
RulesEngineExtensions.cs
 
 
SortOptions.cs
SortOptions.cs
 
 
SortPlugin.cs
SortPlugin.cs
 
 
SplitOptions.cs
SplitOptions.cs
 
 
SplitPlugin.cs
SplitPlugin.cs
 
 
SqlOptions.cs
SqlOptions.cs
 
 
SqlPlugin.cs
SqlPlugin.cs
 
 
ValidateOptions.cs
ValidateOptions.cs
 
 
ValidatePlugin.cs
ValidatePlugin.cs
 
 
rules-spec.html
rules-spec.html
 
 

Repository files navigation

metacrack

Metacrack is a command line tool for security researchers and pentesters to create targeted hash / word association lists to help crack salted hashes in hashcat. Metacrack is currently in beta, and is not yet optimised for performance. Users of Metacrack should be very comfortable with using command line tools, including Hashcat.

Each function is written as a plugin which maps directly to a command line verb, for example:

meta export values.txt output.txt

  • meta is the name of the compiled command line executeable
  • export is the verb you wish to use
  • values.txt and output.txt are parameters specific to the export verb.

Help for each verb can be viewed by typing meta <plugin> --help. It is also possible to write your own plugin as a c# dll, which will automatically be loaded and executed by the meta command line tool. See creating your own plugin for more details.

License

Metacrack is licensed under the MIT license. Refer to license.txt for more information.

Latest builds

Platform Link
win-x64 meta-win-x64-1.2.12.7z
linux-x64 meta-linux-x64-1.2.12.7z

Usage and features

Metacrack uses metadata associated with a hash to create a per-hash list of possible words to use where a hash is difficult or expensive to crack. Common sources of data include previous password breaches, usernames, birthdates, and emails addresses.

Metadata is first cataloged using the catalog verb which stores the data indexed by a key derived from an anonymised version of an email address.

By providing a file containing a list of email:hash combinations, it is possible to perform a lookup to create two files that are compatible with Hashcat associative attack (attack mode 9). Words that would be duplicated by a rule in hashcat can be filtered out by supplying the rule to metacrack. Hashes can be filtered by Hashcat mode and iteration count to ensure that they are valid, as any inconsistencies will prevent hashcat from running the attack. Output in the form of cracked hashes from hashcat can be provided to metacrack to be removed from hash / wordlists, and exported using the export verb, in various formats.

Note Ensure that you are both legally and ethically allowed to use the meta data associated with the hashes you are trying to crack.

Plugins

Please see more comprehensive documentation taking shape in the https://github.com/acmesecorg/metacrack/tree/rocksdb branch

About

Use meta data to create association attacks for Hashcat.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

6 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages