• Home »
  • »
  • Hashcat: Use the Hashcat-gui On Windows To Brute Force MD5 Hashes

Hashcat: Use the Hashcat-gui On Windows To Brute Force MD5 Hashes

Hashcat is an excellent tool to use or security audits of passwords. I will be doing a series of articles relating to anything from simple brute forcing such as the article to more complex techniques using Hashcat, oclHashcat, and the Hashcat-gui on both Windows and Linux operating systems. The goal is to make people more aware of the technologies available to crack passwords which should allow people to audit their companies passwords for more strict enforcement. This article relates to using the Hashcat-gui on Windows 7 to crack 10 MD5 hashes and assumes that you already have successfully installed Hashcat and the Hashcat-gui.

Use Hashcat-gui To Brute Force MD5 Hashes:

  1. Launch Hashcat: First launch the Hashcat-gui either by shortcut from your desktop or by the Windows program menu. Once launched the Hashcat-gui will look similar to the below.

    Launch Hashcat-gui

    As you can see above the interface is simple and easy to use. During the instructions below we will describe what needs to be entered to brute force MD5 hashes.

  2. Select Hashes To Crack: You will need the hashes you want to crack in a file. For this example we have 10 MD5 hashes which have been generated from various 2,3, and 4 letter character combinations.

    10 MD5 Hashes Used:


    1. b86fc6b051f63d73de262d4c34e3a0a9
    2. 39d5f03866e8fc7ec35269b0900f591d
    3. f0780ad0675aea0bb9020bd00686ec57
    4. d93591bdf7860e1e4ee2fca799911215
    5. fa246d0262c3925617b0c72bb20eeb1d
    6. cc7d1f45e3bf37c205a58225e6093906
    7. 2eabc29a6dd9283082f4229d1dbb05c6
    8. b8a1e50a3650098af8a69e7d40ae7ce3
    9. 9ae5249810360f6d98f2190aa12dddb7
    10. 4346d362f67c89d7ab4e28732a1b1ce8

    Click the folder to the right of the Hashfile field of Hashcat-gui and browse to the location of the file that includes the MD5 hashes you want to crack. Select the file so the full path displays in the Hashcat-gui as displayed in the below example image.

    Hashcat-gui Hashfile Path With MD5 Hashes

  3. Hashcat Mode, Hash Type, & Password Length: Make sure that the Hashcat-gui mode is set to Brute-Force and he Hash drop down is set to MD5 as shown in the above example image. Also set the Password Length to the amount of characters in length you want to test. It is recommended to start with a smaller length until you are familiar with the amount of time it takes to run on longer passwords that have been hashed. In this example we are going to run from a minimum length of one character to a maximum length of four characters so the fields have been set to 1 and 4.
  4. Enter Charset: After the above three settings have been configured you will need to enter the characters you want to be tested in the Charset field. In this example we are using a full US charset which is listed below in text and then displayed within Hashcat-gui in the example image.

    Full Charset Used For Hashcat Brute-Force:


    1. ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789! "#$%&'()*+,-./:;<=>?@[\]^_`{|}~

    Hashcat-gui Brute Force With Full Charset

  5. Select Output File: Click the folder to the right of the Outfile field to browse to the location you want the results to be saved to. In this example I have selected the Desktop of my Windows 7 laptop and a filename of testmd5out.txt. If the file does not exist then it will pop open a warning such as the example image below asking if you want to create the file.

    Hashcat-gui: Select Outfile - Create File?

    Click the Yes button in the Select Outfile warning which will create the file and place the path in the Hashcat-gui as shown below.

    Hashcat-gui Select Outfile

    **NOTE** It is possible to get a Runtime Error if you leave the “Monitor Outfile” checked below the Select Outfile field. This appears to only be happening on specific versions of Windows and should be resolved soon. If this error occurs you can simply close it and the hash cracking process will still take place without issue and in future attempts to crack passwords using the Hashcat-gui simply uncheck the Monitor Outfield check box.

  6. Run Hash Cracking Process: Now click the “Hash me, I’m a digest” button to begin the brute forcing of the MD5 hashes which will open the progress window as shown below.

    Hashcat Brute Forcing MD5 Hashes

    If all of the hashes are located then a “All hashes have been recovered” message will display followed by a command prompt again. In this case we know all of the hashes will be recovered since we generated the MD5 hashes ourselves.

  7. Review Cracked MD5 Hashes: Once the process is completed you can review the hashes that were recovered by opening the Outfile you specified. The contents of the Outfile from the above example after running the Hashcat brute force attempt are below.

    1. b86fc6b051f63d73de262d4c34e3a0a9:AB
    2. 4346d362f67c89d7ab4e28732a1b1ce8:!1
    3. 39d5f03866e8fc7ec35269b0900f591d:$1H
    4. cc7d1f45e3bf37c205a58225e6093906:QD!
    5. 9ae5249810360f6d98f2190aa12dddb7:4L3x
    6. d93591bdf7860e1e4ee2fca799911215:4321
    7. b8a1e50a3650098af8a69e7d40ae7ce3:p@s5
    8. fa246d0262c3925617b0c72bb20eeb1d:9999
    9. 2eabc29a6dd9283082f4229d1dbb05c6:!Qd!
    10. f0780ad0675aea0bb9020bd00686ec57:$# @

The above describes very simple brute forcing with the Hashcat-gui. Be aware that the longer the charset and the longer the length of password that you are attempting to brute-force can make the process take a very long time.

Cryptography for Developers (Paperback)

List Price: $66.95 USD
New From: $17.99 USD In Stock
Used from: $48.95 USD In Stock