Crack_Master is a Bash-based wrapper for Hashcat that offers a streamlined, user-friendly interface for password-cracking tasks. This tool enables users to conduct various attack types—including wordlist, rule-based, brute-force, and hybrid attacks—through an intuitive, menu-driven interface.
Caution
This tool is provided "as-is," without any express or implied warranties. The author assumes no responsibility for any damages, losses, or consequences arising from the use of this tool. It is specifically designed for penetration testing purposes, and should only be used in legal and authorized environments, such as with explicit permission from the system owner. Unauthorized use or misuse of this tool, in violation of applicable laws, is strictly prohibited. Users are strongly advised to comply with all relevant local, national, and international laws and obtain proper authorization before performing any security assessments.
- Multiple attack types: wordlist, rules, brute-force, and hybrid attacks.
- Interactive menu for attack configuration and selection.
- Session restoration support for resuming interrupted sessions.
- Cross-platform compatibility (Linux and Windows).
- OS: Any major Linux distribution
- Programs:
- Hashcat: Install from hashcat.net
- Optional: For WPA2 cracking, consider installing aircrack-ng, hcxtools, and hcxdumptool.
Install Commands:
- Debian/Ubuntu:
sudo apt update && sudo apt install hashcat aircrack-ng hcxtools hcxdumptool git - Fedora:
sudo dnf install hashcat aircrack-ng hcxtools hcxdumptool git
- Arch Linux/Manjaro:
sudo pacman -S hashcat aircrack-ng hcxtools hcxdumptool git
- OS: Windows 10 or later
- Programs:
- Hashcat: Download from hashcat.net
- Git Bash: For a Linux-like terminal, install Git Bash
- Optional: For a more complete Linux environment, set up Windows Subsystem for Linux (WSL)
Tip
Recommended wordlists, rules, and masks: repositories like SecLists and wpa2-wordlists. Store them in Crack_Master under wordlists, rules, and masks folders.
- Clone the repository:
git clone --depth 1 https://github.com/ente0v1/Crack_Master.git cd Crack_Master - Run Crack_Master:
./crackmaster.sh
Tip
(Optional) Download default wordlists and rules:
git clone https://github.com/ente0v1/hashcat-defaults
git lfs install
git pull
cd ..
cp -rf hashcat-defaults/* .
sudo rm -r hashcat-defaults
crackmaster_demo.mp4
For the latest release versions of hashCrack, visit the hashCrack Releases page.
Capture WPA2 hashes using the 4-way handshake method. Relevant capture scripts are provided in the scripts folder.
- Rename the hash file to
hash.txtand place it in theCrack_Masterdirectory. - Run the cracking process:
./crackmaster.sh
- Cracking results are saved in
logs/session.txt.
Crack_Master supports the following attack modes:
| # | Mode | Description |
|---|---|---|
| 0 | Straight | Direct wordlist attack |
| 1 | Combination | Combines two dictionaries to create candidate passwords |
| 3 | Brute-force | Tries every possible password combination within the specified character set |
| 6 | Hybrid Wordlist + Mask | Uses a wordlist combined with a mask to generate variations |
| 7 | Hybrid Mask + Wordlist | Uses a mask combined with a wordlist for generating password candidates |
| 9 | Association | For specific hash types that combine known data with brute-force attempts |
The main menu offers easy access to various cracking methods:
| Option | Description | Script |
|---|---|---|
| 1 (Mode 0) | Crack with Wordlist | Executes wordlist-based cracking |
| 2 (Mode 9) | Crack with Rules | Executes rule-based cracking |
| 3 (Mode 3) | Crack with Brute-Force | Executes brute-force cracking |
| 4 (Mode 6) | Crack with Combinator | Executes hybrid wordlist + mask cracking |
| Q | Quit | Saves settings and logs, then exits |
hashcat -a 0 -m 400 example400.hash example.dict # Wordlist
hashcat -a 0 -m 0 example0.hash example.dict -r best64.rule # Wordlist + Rules
hashcat -a 3 -m 0 example0.hash ?a?a?a?a?a?a # Brute-Force
hashcat -a 1 -m 0 example0.hash example.dict example.dict # Combination
hashcat -a 9 -m 500 example500.hash 1word.dict -r best64.rule # AssociationIf you encounter errors when running Hashcat, you can follow these steps to troubleshoot:
-
Test Hashcat Functionality: First, run a benchmark test to ensure that Hashcat is working properly:
hashcat -b
This command will perform a benchmark on your system to check Hashcat's overall functionality. If this command works without issues, Hashcat is likely properly installed.
-
Check Available Devices: To verify that Hashcat can detect your devices (such as GPUs) for cracking, use the following command:
hashcat -I
This command will list the available devices. Ensure that the correct devices are listed for use in cracking.
-
Check for Errors in Hashcat: If the cracking process fails or Hashcat doesn't seem to recognize your devices, running the above tests should help identify potential problems with your system configuration, such as missing or incompatible drivers.
-
Permissions: If you encounter permission issues (especially on Linux), consider running Hashcat with elevated privileges or configuring your user group correctly for GPU access. You can run Hashcat with
sudoif necessary:sudo hashcat -b
The crackmaster.sh script performs the following tasks:
- Initialization: Loads default parameters and common functions.
- User Input: Prompts for hash file location, wordlist, session name, and attack type.
- Command Construction: Builds the Hashcat command based on user inputs and the selected attack type.
- Execution: Runs the cracking session and displays live status updates.
- Logging: Records session details and results in
logsfor future reference.
For more resources, consider the following repositories:
For more details on Hashcat’s attack modes and usage, consult the Hashcat Wiki, Radiotap Introduction, or Aircrack-ng Guide.