Linux Hashcat Installation and System Benchmark

Introduction

Hashcat is widely recognized as one of the fastest and most advanced password recovery tools. It supports a wide variety of hashing algorithms and can leverage both CPUs and GPUs to accelerate the process of cracking passwords.

In this lab, you will go through the fundamental steps of getting started with Hashcat on a Linux system. You will learn how to install it using the standard package manager, verify that the installation is successful, and most importantly, run a benchmark to understand the performance capabilities of your system. This is a crucial first step for anyone interested in penetration testing, system security auditing, or performance analysis.

By the end of this lab, you will be comfortable with the initial setup and evaluation of Hashcat.

Install Hashcat using the apt package manager

In this step, you will install Hashcat on your Ubuntu system. We will use the apt package manager, which is the standard tool for managing software on Debian-based Linux distributions like Ubuntu.

First, it's a good practice to update your system's package list to ensure you get the latest available versions of software. Run the following command in your terminal:

sudo apt update

You will see the package lists being downloaded from the repositories.

Next, you can install Hashcat. The -y flag is used to automatically answer "yes" to any prompts during the installation process, making it non-interactive.

sudo apt install hashcat -y

The system will now download and install Hashcat and its dependencies. You will see output detailing the progress of the installation. A sample output might look like this (the exact packages and versions may vary):

Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  hashcat-data ocl-icd-libopencl1
The following NEW packages will be installed:
  hashcat hashcat-data ocl-icd-libopencl1
0 upgraded, 3 newly installed, 0 to remove and XX not upgraded.
Need to get X,XXX kB of archives.
After this operation, XX.X MB of additional disk space will be used.
...
Setting up hashcat-data (X.X.X+ds1-1) ...
Setting up ocl-icd-libopencl1:amd64 (X.X.X-1) ...
Setting up hashcat (X.X.X+ds1-1) ...
Processing triggers for man-db (X.X.X-1) ...
Processing triggers for libc-bin (X.X.X-0ubuntu1) ...

Once the command prompt returns, Hashcat is installed on your system.

Verify the Hashcat installation with 'hashcat --version'

In this step, you will verify that Hashcat was installed correctly and is accessible from your terminal. A common way to check if a command-line tool is installed and working is to ask for its version number.

Execute the following command to display the installed version of Hashcat:

hashcat --version

If the installation was successful, the command will print the version number of the Hashcat binary. The output should look similar to this:

vX.X.X

Seeing the version number confirms that the operating system can find and execute the hashcat program.

List available computing devices with 'hashcat -I'

In this step, you will identify the computing devices that Hashcat can use for its operations. Hashcat is designed to utilize the parallel processing power of modern hardware, including both Central Processing Units (CPUs) and Graphics Processing Units (GPUs).

To see a list of all compatible OpenCL devices on your system, you can use the -I (uppercase i) flag.

Run the following command:

hashcat -I

This command will scan your system and list all devices it can use, along with their details. In this virtual environment, you will likely only see the CPU listed. If you were running this on a machine with a dedicated graphics card, you would see it listed as well.

The output will look something like this:

hashcat (vX.X.X) starting...

OpenCL Info:
============

Platform ID #1
  Vendor  : ...
  Name    : ...
  Version : OpenCL X.X ...

  Device ID #1
    Type           : CPU
    Vendor ID      : XXX
    Vendor         : ...
    Name           : Intel(R) Xeon(R) ...
    Version        : OpenCL X.X ...
    Processor(s)   : X
    Clock          : XXXX MHz
    ...

This information is useful for knowing which devices Hashcat will use and for selecting specific devices for a task if multiple are available.

Run a system benchmark for MD5 with 'hashcat -b -m 0'

In this step, you will run a benchmark to measure your system's performance for a specific type of hash. This is a critical step to understand how quickly your system can attempt to crack passwords.

We will use the built-in benchmark mode of Hashcat. The command uses two important flags:

-b or --benchmark: This tells Hashcat to run its benchmark mode instead of an actual cracking session.
-m 0: This specifies the hash type to benchmark. The number 0 corresponds to the MD5 algorithm. MD5 is a very common and relatively fast hashing algorithm.

Now, run the benchmark command in your terminal:

hashcat -b -m 0

Hashcat will start the benchmark process. It will test the specified algorithm (MD5) on all detected devices and report the speed. The process may take a minute to complete. The output will be detailed, but the most important part is the speed summary at the end.

hashcat (vX.X.X) starting in benchmark mode...

... (initialization messages) ...

Benchmark relevant options:
===========================
* Hash-Type: 0 (MD5)

... (device information) ...

[s]tatus [p]ause [r]esume [b]ypass [q]uit =>

... (status updates) ...

Benchmark.Final:
================
* Hash-Type: 0 (MD5)

Speed.Dev.#1.:   XXX.X MH/s (XX.XXms)

...

Wait for the benchmark to complete before proceeding to the next step.

The Speed.Dev.#1. line shows the performance of your primary device (the CPU in this case).

Interpret the benchmark speed results

In this final step, we will analyze the output from the benchmark you just ran. This is a conceptual step with no new commands to execute.

Look back at the output from the hashcat -b -m 0 command in the previous step. The key piece of information is the line that starts with Speed.

Speed.Dev.#1.:   XXX.X MH/s (XX.XXms)

Let's break this down:

Speed.Dev.#1.: This refers to the speed of Device #1, which you identified in Step 3 (likely your CPU).
XXX.X MH/s: This is the most important metric. It stands for "Mega Hashes per second". A value of 100.0 MH/s means your system can compute and check 100 million MD5 hashes every second. The higher this number, the faster your system can perform a brute-force or dictionary attack.
(XX.XXms): This value indicates the latency or time taken for a batch of operations, which is more relevant for performance tuning. For a basic benchmark, the H/s value is the primary indicator of performance.

The speed you see is specific to the MD5 algorithm (-m 0). If you were to benchmark a more complex algorithm like bcrypt (-m 3200), the speed would be dramatically lower (measured in H/s or kH/s instead of MH/s) because bcrypt is intentionally designed to be slow to compute.

Understanding your system's benchmark speed is essential for estimating the time required for a password cracking task.

Summary

Congratulations! You have successfully completed this lab on Hashcat installation and benchmarking.

In this lab, you have acquired the following skills:

Installing the Hashcat tool on a Linux system using the apt package manager.
Verifying a software installation by checking its version.
Identifying the available CPU and GPU computing devices that Hashcat can utilize.
Running a system performance benchmark for a specific hash algorithm (MD5).
Interpreting the benchmark results to understand your system's hash-cracking capabilities.

These foundational skills are essential for anyone looking to use Hashcat for security auditing, password recovery, or system performance evaluation. You are now ready to explore more advanced features of Hashcat.