<![CDATA[PwnForums - Hash Cracking]]> https://pwnforums.st/ Sat, 04 Apr 2026 21:20:27 +0000 MyBB <![CDATA[Dictionary attack on bcrypt]]> https://pwnforums.st/Thread-Dictionary-attack-on-bcrypt Sun, 08 Feb 2026 21:31:37 +0000 Ting7]]> https://pwnforums.st/Thread-Dictionary-attack-on-bcrypt What causes such big differences and how are dictionary attacks even practical when you’re dealing with millions of bcrypt hashes?]]> What causes such big differences and how are dictionary attacks even practical when you’re dealing with millions of bcrypt hashes?]]> <![CDATA[Help me decrypt the md5 hash please]]> https://pwnforums.st/Thread-Help-me-decrypt-the-md5-hash-please Sat, 02 Aug 2025 08:15:23 +0000 NgoThuan]]> https://pwnforums.st/Thread-Help-me-decrypt-the-md5-hash-please
The password :  f116c4d27eafeebbcce7534e23e3cdab9 .

THANK FOR HELP ME  Heart Heart]]>
The password :  f116c4d27eafeebbcce7534e23e3cdab9 .

THANK FOR HELP ME  Heart Heart]]> <![CDATA[Hash cracking for beginners]]> https://pwnforums.st/Thread-Hash-cracking-for-beginners Wed, 26 Mar 2025 17:56:14 +0000 legalethicalhacker]]> https://pwnforums.st/Thread-Hash-cracking-for-beginners
Once you have a password hash you can either manually use hashcat, johntheripper or other tools to crack it. or you can go the easier route and use tools like:

crackstation[.]net
hashes[.]com
md5decrypt[.]net
hashkiller[.]co[.]uk
ntlm[.]pw

To crack a hash with hashcat:

install 'hashcat' package with ur package manager

hashcat --identify hash.txt
To see which hashing algorithm it is (md5,sha256)
if you still dont know, you can use tools like
hashid or hash-identifier or
visit hashcat[.]net/wiki/doku.phpid=example_hashes

after you found the hash, this should work:
hashcat --help | grep -E "^\s*[0-9]+"

then run:
hashcat -m (the number to ur hash type) hash.txt wordlist.txt

To crack a hash with johntheripper:

install 'john' package with ur package manager

identify the hash with the tools listed above

and run:
john --format=yourhashtype --wordlist=wordlist.txt hash.txt

you can also just run john hash.txt, but it might fail guessing the hash type, and the default wordlist is pretty weak.

i recommend using the online tools listed above, as they are very fast and have huge wordlists, i also recommend to use hashcat instead of john because it is faster.]]>
Once you have a password hash you can either manually use hashcat, johntheripper or other tools to crack it. or you can go the easier route and use tools like:

crackstation[.]net
hashes[.]com
md5decrypt[.]net
hashkiller[.]co[.]uk
ntlm[.]pw

To crack a hash with hashcat:

install 'hashcat' package with ur package manager

hashcat --identify hash.txt
To see which hashing algorithm it is (md5,sha256)
if you still dont know, you can use tools like
hashid or hash-identifier or
visit hashcat[.]net/wiki/doku.phpid=example_hashes

after you found the hash, this should work:
hashcat --help | grep -E "^\s*[0-9]+"

then run:
hashcat -m (the number to ur hash type) hash.txt wordlist.txt

To crack a hash with johntheripper:

install 'john' package with ur package manager

identify the hash with the tools listed above

and run:
john --format=yourhashtype --wordlist=wordlist.txt hash.txt

you can also just run john hash.txt, but it might fail guessing the hash type, and the default wordlist is pretty weak.

i recommend using the online tools listed above, as they are very fast and have huge wordlists, i also recommend to use hashcat instead of john because it is faster.]]> <![CDATA[Need help to crack a password protected zip file]]> https://pwnforums.st/Thread-Need-help-to-crack-a-password-protected-zip-file Sun, 23 Feb 2025 20:27:51 +0000 InsertEnd]]> https://pwnforums.st/Thread-Need-help-to-crack-a-password-protected-zip-file
I can see the files name, but not the content.

I have a copy of b.txt uncompressed and decrypted from when I knew the password

What approaches do you recommend?

For now, I'm trying to find out how to use hashcat, I was able to crack some test files.

thanks in advance Big Grin]]>
I can see the files name, but not the content.

I have a copy of b.txt uncompressed and decrypted from when I knew the password

What approaches do you recommend?

For now, I'm trying to find out how to use hashcat, I was able to crack some test files.

thanks in advance Big Grin]]> <![CDATA[Nvidia 5090]]> https://pwnforums.st/Thread-Nvidia-5090 Fri, 31 Jan 2025 12:36:23 +0000 joepa]]> https://pwnforums.st/Thread-Nvidia-5090 Is it any good for hashcat?
Of just extra AI frames and no additional performance over a 4090?]]> Is it any good for hashcat?
Of just extra AI frames and no additional performance over a 4090?]]> <![CDATA[I really need help for solve these bcrypt]]> https://pwnforums.st/Thread-I-really-need-help-for-solve-these-bcrypt Fri, 31 Jan 2025 01:22:03 +0000 mcdodo]]> https://pwnforums.st/Thread-I-really-need-help-for-solve-these-bcrypt
$2y$10$niHcfy6W52pSll8pWm58pejS40sQECuELfQo1AQ/TfPf4Vjk.OBqi
$2y$10$mTpvv9zePFetR.Q7A/lPVupHJsb2AtzIidT2neMPlyno3x/hHDZ/C
$2y$10$onqQYKfeNlrVunNgUP0q1.xyqATCxW5ToVaHKaRzy0CKpRniDA7ba
$2y$10$2WUEvTpod4kZTIetKAol2e3U5pEmMgEZHQxu8i2OG6n15NQDphjpW
$2y$10$U6hbGrVC6IFaKn4aQg1VC.D9rOwfXzeu4k9sTIKe04rkZlvbLYJn.
$2y$10$hPa5gUZ3a0FAVa0ZaZzRyeKdCgyGGzEOXqNTy/E.CEVBC4PXGbVJa
$2y$10$eEdt2rpyf0da96dvOmkc/.D/VTqElLewrmtFFrr1hgmQBxphGoZym
$2y$10$1/5wwCuQjdsswm4et1AtC.5aYrFh5bTqyrXkr4lBbz9zBvz14HmxW]]>
$2y$10$niHcfy6W52pSll8pWm58pejS40sQECuELfQo1AQ/TfPf4Vjk.OBqi
$2y$10$mTpvv9zePFetR.Q7A/lPVupHJsb2AtzIidT2neMPlyno3x/hHDZ/C
$2y$10$onqQYKfeNlrVunNgUP0q1.xyqATCxW5ToVaHKaRzy0CKpRniDA7ba
$2y$10$2WUEvTpod4kZTIetKAol2e3U5pEmMgEZHQxu8i2OG6n15NQDphjpW
$2y$10$U6hbGrVC6IFaKn4aQg1VC.D9rOwfXzeu4k9sTIKe04rkZlvbLYJn.
$2y$10$hPa5gUZ3a0FAVa0ZaZzRyeKdCgyGGzEOXqNTy/E.CEVBC4PXGbVJa
$2y$10$eEdt2rpyf0da96dvOmkc/.D/VTqElLewrmtFFrr1hgmQBxphGoZym
$2y$10$1/5wwCuQjdsswm4et1AtC.5aYrFh5bTqyrXkr4lBbz9zBvz14HmxW]]> <![CDATA[What is your hashcracking setup?]]> https://pwnforums.st/Thread-What-is-your-hashcracking-setup Sun, 29 Dec 2024 16:04:44 +0000 sovrvltn]]> https://pwnforums.st/Thread-What-is-your-hashcracking-setup
I have seen a few articles, like this one: https://www.secjuice.com/how-to-build-a-cracking-rig/, but most seem to be fairly outdated. $10k budget limit. Thinking that buying used GPUs is the way to go]]>
I have seen a few articles, like this one: https://www.secjuice.com/how-to-build-a-cracking-rig/, but most seem to be fairly outdated. $10k budget limit. Thinking that buying used GPUs is the way to go]]> <![CDATA[I need a Bruter for roblox accounts any tips?]]> https://pwnforums.st/Thread-I-need-a-Bruter-for-roblox-accounts-any-tips Fri, 27 Dec 2024 22:04:01 +0000 Trstin]]> https://pwnforums.st/Thread-I-need-a-Bruter-for-roblox-accounts-any-tips <![CDATA[I can't decrypt the password (MD5+salt) can you help me?]]> https://pwnforums.st/Thread-I-can-t-decrypt-the-password-MD5-salt-can-you-help-me Mon, 25 Nov 2024 12:49:20 +0000 Nosmoking7up]]> https://pwnforums.st/Thread-I-can-t-decrypt-the-password-MD5-salt-can-you-help-me
I've tries many dictionaries with john and hashcat but nothing.

So please help me !

The password to crack :

4ab411caa0fb4876fbcda8bde6298881:|X7-O]]>
I've tries many dictionaries with john and hashcat but nothing.

So please help me !

The password to crack :

4ab411caa0fb4876fbcda8bde6298881:|X7-O]]> <![CDATA[Big Basket SHA-1 Hash Cracking]]> https://pwnforums.st/Thread-Big-Basket-SHA-1-Hash-Cracking Thu, 21 Nov 2024 03:04:57 +0000 ReverseForce]]> https://pwnforums.st/Thread-Big-Basket-SHA-1-Hash-Cracking
https://pwnforums.st/Thread-bigbasket...d-Download


Example hash - sha1$b3572$c67ef66df323e92ef604464aae2c9fdede969d39]]>
https://pwnforums.st/Thread-bigbasket...d-Download


Example hash - sha1$b3572$c67ef66df323e92ef604464aae2c9fdede969d39]]> <![CDATA[Petition: list dehashed for dbs.]]> https://pwnforums.st/Thread-Petition-list-dehashed-for-dbs Wed, 13 Nov 2024 16:54:30 +0000 boar]]> https://pwnforums.st/Thread-Petition-list-dehashed-for-dbs <![CDATA[Generates millions of keyword-based password mutations in seconds.]]> https://pwnforums.st/Thread-Generates-millions-of-keyword-based-password-mutations-in-seconds Wed, 23 Oct 2024 12:44:48 +0000 global2141]]> https://pwnforums.st/Thread-Generates-millions-of-keyword-based-password-mutations-in-seconds Psudohash is a versatile password list generator designed for orchestrating brute force attacks and cracking hashes. It replicates common human password creation patterns to improve efficiency, including:
  • Character Substitution (Leet): Converts letters to symbols/numbers (e.g., “password” to “p@ssw0rd”).
  • Char-Case Variations: Generates all possible case combinations.
  • Padding and Affixes: Adds common strings before/after keywords (like “123”, “!”, “2024”).
The tool is keyword-based and highly customizable, allowing precise control over generated lists. If you're working with hash cracking or password security assessments, give Psudohash a try!

Hidden Content
You must register or login to view this content.
]]> Psudohash is a versatile password list generator designed for orchestrating brute force attacks and cracking hashes. It replicates common human password creation patterns to improve efficiency, including:
  • Character Substitution (Leet): Converts letters to symbols/numbers (e.g., “password” to “p@ssw0rd”).
  • Char-Case Variations: Generates all possible case combinations.
  • Padding and Affixes: Adds common strings before/after keywords (like “123”, “!”, “2024”).
The tool is keyword-based and highly customizable, allowing precise control over generated lists. If you're working with hash cracking or password security assessments, give Psudohash a try!

Hidden Content
You must register or login to view this content.
]]> <![CDATA[Successful custom wordlists]]> https://pwnforums.st/Thread-Successful-custom-wordlists Thu, 15 Aug 2024 22:32:07 +0000 viceCoolMan]]> https://pwnforums.st/Thread-Successful-custom-wordlists <![CDATA[doubt on 2024 rockyou hash table]]> https://pwnforums.st/Thread-doubt-on-2024-rockyou-hash-table Mon, 08 Jul 2024 15:57:54 +0000 lslsakalsls]]> https://pwnforums.st/Thread-doubt-on-2024-rockyou-hash-table
any other usage of the 2024 rockyou?]]>
any other usage of the 2024 rockyou?]]> <![CDATA[Hash Cracking / "Decryption" Service]]> https://pwnforums.st/Thread-Hash-Cracking-Decryption-Service Fri, 03 May 2024 11:29:38 +0000 Sneed]]> https://pwnforums.st/Thread-Hash-Cracking-Decryption-Service 2026 Update - this service is still available! Sup BreachForums,
Since posting my Swiss army knife thread, I've been receiving messages asking for help with bulk cracking or "decryption" of hashes. This service is primarily targeted towards those who have breached sites or bought private data, but don't have the knowledge or hardware to crack hashes.

What can I crack?
I have been cracking hashes as a hobby since 2019. I was a contributor to hashes.org and still regularly hold leaderboard positions on HashMob.
This is not a service in which I just run 60 gigabytes of NCSC/rockyou lists and call it a day. I tailor dictionaries, rules, and masks to your target dataset in order to bring you the highest recovery rate in the shortest possible time. I am good at recognizing patterns, and I use them in further runs against the remaining hashes after the first cycle.
Some algorithms are very slow on GPUs and require specialized hardware or copious amounts of memory to efficiently crack - they're purposely designed this way. Unfortunately, I have to cut my losses for hash types that are not profitable to attack.
I can crack:
  • MD5
  • SHA1
  • SHA2 and SHA3 families
  • Any salted variations of the above (AuthMe, etc)
  • NTLM
  • MySQL
  • Forum CMS hashes (vBulletin, MyBB, Invision, Simple Machines...)
  • Store CMS hashes (OpenCart, PrestaShop, OSCommerce...)
  • Anything not listed here? Ask me, I'll try it out
I cannot crack GPU-resistant or memory-hardened algorithms, such as:
  • Bcrypt
  • Argon2
  • Drupal7
  • PBKDF
  • PHPass with a high number of rounds
  • Anything that's salted but missing its salt column

Working by percentage or per million
Due to unpredictable factors such as list size, algorithm difficulty, and available GPU power, this service has no fixed rate. You decide how much you're willing to pay me. I'm open to all offers, so don't be shy - if a cracking site has already given you a rate, I can probably do it cheaper. You'll pay absolutely zero upfront.
It is typically impossible to achieve a 100% recovery rate on large hash lists. Unsalted lists have a higher recovery rate than salted lists. For this reason, I offer a percentage system. For example, if you offer me $100 to crack 100,000 hashes, and I am only able to recover 80% of them, you only pay $80. Alternatively, if you'd rather pay a set amount per thousand or per million hashes recovered, let me know your rate.


Interested in this service?
Message me on site with the following:
-Your Telegram handle
-Algorithm used for the hashes
-A sample of the hashes
-Your offer (USD/EUR), as explained in the section above
Currently, I'm running a single-GPU rig which is seeing heavy demand. Higher offers will be prioritized.
The rig will be upgraded soon, but you have to help me fund it Wink

Payments accepted in
BTC / ETH / LTC / XMR / USDT / pretty much any other crypto coin - just ask

Terms:
-Please only submit fresh hash lists. I will not crack left lists from bounty sites that have already been attempted by dozens of other people.
-If you have already attempted to crack the hashes yourself, that's fine. Just specify which dictionaries or masks you've used.
-I reserve the right to cancel a job if the rate of recovery is too slow; much of it may be "garbage" or missing salts. You will not be charged for this.
Do not message me with single hashes. I will not crack them. It wastes both my time and yours. Minimum list size is 1,000 hashes.

*(Yep, I know decryption is an incorrect term. However, I often see it mistranslated as such.)]]> 2026 Update - this service is still available! Sup BreachForums,
Since posting my Swiss army knife thread, I've been receiving messages asking for help with bulk cracking or "decryption" of hashes. This service is primarily targeted towards those who have breached sites or bought private data, but don't have the knowledge or hardware to crack hashes.

What can I crack?
I have been cracking hashes as a hobby since 2019. I was a contributor to hashes.org and still regularly hold leaderboard positions on HashMob.
This is not a service in which I just run 60 gigabytes of NCSC/rockyou lists and call it a day. I tailor dictionaries, rules, and masks to your target dataset in order to bring you the highest recovery rate in the shortest possible time. I am good at recognizing patterns, and I use them in further runs against the remaining hashes after the first cycle.
Some algorithms are very slow on GPUs and require specialized hardware or copious amounts of memory to efficiently crack - they're purposely designed this way. Unfortunately, I have to cut my losses for hash types that are not profitable to attack.
I can crack:
  • MD5
  • SHA1
  • SHA2 and SHA3 families
  • Any salted variations of the above (AuthMe, etc)
  • NTLM
  • MySQL
  • Forum CMS hashes (vBulletin, MyBB, Invision, Simple Machines...)
  • Store CMS hashes (OpenCart, PrestaShop, OSCommerce...)
  • Anything not listed here? Ask me, I'll try it out
I cannot crack GPU-resistant or memory-hardened algorithms, such as:
  • Bcrypt
  • Argon2
  • Drupal7
  • PBKDF
  • PHPass with a high number of rounds
  • Anything that's salted but missing its salt column

Working by percentage or per million
Due to unpredictable factors such as list size, algorithm difficulty, and available GPU power, this service has no fixed rate. You decide how much you're willing to pay me. I'm open to all offers, so don't be shy - if a cracking site has already given you a rate, I can probably do it cheaper. You'll pay absolutely zero upfront.
It is typically impossible to achieve a 100% recovery rate on large hash lists. Unsalted lists have a higher recovery rate than salted lists. For this reason, I offer a percentage system. For example, if you offer me $100 to crack 100,000 hashes, and I am only able to recover 80% of them, you only pay $80. Alternatively, if you'd rather pay a set amount per thousand or per million hashes recovered, let me know your rate.


Interested in this service?
Message me on site with the following:
-Your Telegram handle
-Algorithm used for the hashes
-A sample of the hashes
-Your offer (USD/EUR), as explained in the section above
Currently, I'm running a single-GPU rig which is seeing heavy demand. Higher offers will be prioritized.
The rig will be upgraded soon, but you have to help me fund it Wink

Payments accepted in
BTC / ETH / LTC / XMR / USDT / pretty much any other crypto coin - just ask

Terms:
-Please only submit fresh hash lists. I will not crack left lists from bounty sites that have already been attempted by dozens of other people.
-If you have already attempted to crack the hashes yourself, that's fine. Just specify which dictionaries or masks you've used.
-I reserve the right to cancel a job if the rate of recovery is too slow; much of it may be "garbage" or missing salts. You will not be charged for this.
Do not message me with single hashes. I will not crack them. It wastes both my time and yours. Minimum list size is 1,000 hashes.

*(Yep, I know decryption is an incorrect term. However, I often see it mistranslated as such.)]]>