Password hashes are a common way of storing passwords securely, but they can also be a target for hackers who want to break into your accounts. If you want to test the strength of your password hashes or recover lost passwords, you need a powerful tool like Hash Suite Pro.
Hash Suite Pro is a program that can audit the security of password hashes by using various methods, such as brute-force, dictionary, hybrid, and rule-based attacks. It supports many types of hashes, such as LM, NTLM, Raw-MD5, Raw-SHA1, Raw-SHA256, Raw-SHA512, DCC, DCC2, SSHA, MD5CRYPT, BCRYPT, SHA256CRYPT, SHA512CRYPT, and WPA-PSK. It can also import hashes from various sources, such as Windows SAM files, PWDUMP files, John the Ripper files, and Ophcrack tables.
In this article, we will show you how to use Hash Suite Pro to crack password hashes in a few easy steps. We will use the example of cracking a Windows NTLM hash that we obtained from a PWDUMP file.
Step 1: Download and Install Hash Suite Pro
The first step is to download and install Hash Suite Pro from its official website[^2^]. You can choose from four versions: Droid, Free, Standard, and Pro. The Pro version has the most features and costs $89.95. You can also download a trial version that has some limitations but allows you to test the program for 30 days.
After downloading the program, run the installer and follow the instructions on the screen. You will need to accept the license agreement and choose a destination folder for the program. You can also create shortcuts on your desktop and start menu.
Step 2: Import Hashes
The next step is to import the hashes that you want to crack. You can do this by clicking on the \"Import\" button on the toolbar or by selecting \"File -> Import\" from the menu. You will see a window where you can choose the type of hashes that you want to import. In our case, we will select \"PWDUMP File\" and browse for the file that contains our NTLM hash.
After selecting the file, click on \"Open\" and wait for Hash Suite Pro to import the hashes. You will see a message that tells you how many hashes were imported and how many were skipped or duplicated. You can also see the details of each hash in the main window of the program.
Step 3: Choose an Attack Method
The third step is to choose an attack method that you want to use to crack the hashes. You can do this by clicking on the \"Attack\" button on the toolbar or by selecting \"Attack -> Start\" from the menu. You will see a window where you can choose from four types of attacks: Brute-force, Dictionary, Hybrid, and Rule-based.
A brute-force attack tries all possible combinations of characters until it finds a match. A dictionary attack tries words from a list that you provide. A hybrid attack combines a dictionary attack with a brute-force attack by adding characters before or after each word. A rule-based attack applies rules to modify words from a dictionary.
In our case, we will choose a dictionary attack because it is faster than a brute-force attack and more likely to succeed than a hybrid or rule-based attack. We will use a wordlist that we downloaded from weakpass.com, which contains over 2 billion common passwords.
Step 4: Start Cracking
The final step is to start cracking the hashes. You can do this by clicking on the \"Start\" button on the bottom right corner of the window. You will see a progress bar that shows you how many hashes have been cracked and how long it will take to finish.
If Hash Suite Pro finds a match for any of the hashes, it will show you the plaintext password in the main window of the program. You can also export the ec8f644aee