So how does this magical tool work? Well, let me break it down for ya:
1️ If not, go ahead and download the latest version from their website or GitHub.
2️ Once you’ve got Hashcat up and running, open a terminal window and navigate to the directory where you want to run Test.PL. This could be your home folder, a specific project folder, or anywhere else that makes sense for your needs.
3️ Now it’s time to create a new file called “test.pl” (without quotes) and open it in your favorite text editor. You can use any text editor you like I personally prefer Vim because it’s super fast and efficient, but feel free to use whatever works best for you.
4️ Once you have the file opened, copy and paste the following code into it:
#!/usr/bin/perl
# This line specifies the path to the Perl interpreter, allowing the script to be executed as a standalone program.
use strict;
# This line enables strict mode, which enforces stricter syntax and variable usage to help prevent errors.
use warnings;
# This line enables warnings, which will display any potential issues or errors in the code.
use Text::CSV;
# This line imports the Text::CSV module, which provides functions for handling CSV files.
use File::Slurp qw(read_file);
# This line imports the File::Slurp module, which provides functions for reading and writing files.
my $csv = Text::CSV->new();
# This line creates a new Text::CSV object, which will be used to parse the CSV file.
my @rows;
# This line creates an empty array to store the rows of data from the CSV file.
open my $fh, '<', 'hashes.txt' or die "Can't open file: $!";
# This line opens the "hashes.txt" file in read mode and assigns it to the filehandle $fh. If the file cannot be opened, the script will terminate and display an error message.
while (my $line = <$fh>) {
# This line reads each line of the file and assigns it to the variable $line.
chomp($line);
# This line removes any trailing newline characters from the line.
push(@rows, [split(' ', $line)]);
# This line splits the line into an array using the space character as the delimiter, and then adds the resulting array as an element to the @rows array.
}
close($fh);
# This line closes the filehandle $fh.
open my $out_fh, '>', 'results.txt' or die "Can't open file: $!";
# This line opens the "results.txt" file in write mode and assigns it to the filehandle $out_fh. If the file cannot be opened, the script will terminate and display an error message.
foreach my $row (@rows) {
# This line iterates through each element in the @rows array, assigning it to the variable $row.
foreach my $password (1..100000) { # Change this to adjust the number of passwords tested per hash
# This line creates a loop that will run 100000 times, with the variable $password incrementing by 1 each time.
my ($hash, $salt) = @{$row->[0]};
# This line uses array dereferencing to assign the first element of the current row to the variables $hash and $salt.
my $time_start = time();
# This line records the current time and assigns it to the variable $time_start.
my $result = `echo -n "$password" | sha256sum --check --stdout`; # Change this to adjust the hashing algorithm used for testing (e.g., md5sum, sha1sum)
# This line uses the `backticks` operator to execute the command within the quotes and assign the output to the variable $result.
if ($result eq "OK\n") {
# This line checks if the output of the command is equal to "OK\n".
my $time_end = time();
# This line records the current time and assigns it to the variable $time_end.
my $elapsed = $time_end - $time_start;
# This line calculates the elapsed time by subtracting $time_start from $time_end and assigns it to the variable $elapsed.
print "$hash:$salt:$password:$elapsed\n"; # Change this to adjust the output format (e.g., CSV, JSON)
# This line prints the hash, salt, password, and elapsed time in the specified format.
}
}
}
close($out_fh);
# This line closes the filehandle $out_fh.
5️ Save and close the file.
6️ Now it’s time to run Test.PL! To do this, navigate back to your terminal window and type:
# This script is used to run the Test.PL file using the Perl interpreter.
# The following line uses the "perl" command to execute the Test.PL file.
perl test.pl
7️ Wait for a few minutes (or hours) while Hashcat cracks all the passwords in “hashes.txt” using each of the 100,000 passwords specified in Test.PL.
8️ Once it’s finished, you can open up “results.txt” to see which hashes were cracked and how long it took for Hashcat to do so.
And that’s it! You now have a basic understanding of how Test.PL works in Hashcat. Of course, there are many more advanced features you can use with this utility (such as specifying different hashing algorithms or output formats), but we’ll save those for another day.