Understanding Hashcat Rules

Master the art of creating and using Hashcat rules to significantly enhance your password cracking capabilities.

How Hashcat Rules Work

Hashcat rules are a powerful feature that allows you to modify and expand your wordlists dynamically. They can significantly increase the effectiveness of your password cracking attempts by applying common patterns and variations to each word in your list.

Rules in Hashcat are applied to each word in your wordlist. They can perform various operations such as:

  • Changing case (lowercase, uppercase, capitalize)
  • Adding numbers or special characters
  • Reversing the word
  • Duplicating characters
  • Replacing characters

Basic Rule Syntax

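Hashcat rules use a simple syntax: each rule is a line of single-character functions applied from left to right, and some functions (such as $ and ^) take the character that follows as a parameter. Here are some basic examples: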

  • : - Do nothing (passthrough)
  • l - Lowercase the word
  • u - Uppercase the word
  • c - Capitalize the word
  • $1 - Append '1' to the end
  • ^1 - Prepend '1' to the beginning
  • r - Reverse the word

Using a Basic Rule

Apply a rule to capitalize the word and add '123' at the end

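hashcat -a 0 -m 0 hashes.txt wordlist.txt -r capitalize123.rule

The -r option takes the path to a rule file, not an inline rule string. Here capitalize123.rule (a file name chosen for this example) contains the single line c $1 $2 $3. This rule capitalizes each word and adds '123' to the end. For example, 'password' becomes 'Password123'.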

Advanced Rule Techniques

Hashcat allows you to chain multiple functions together in one rule to create complex transformations. Here's an advanced example:

Advanced Rule Usage

Apply multiple transformations to each word

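hashcat -a 0 -m 0 hashes.txt wordlist.txt -r special137.rule

Here special137.rule (a file name chosen for this example) is a rule file containing the single line c $! $1 $3 $7. This rule capitalizes the word, appends the special character '!', then appends '1', '3', and '7'. For example, 'password' becomes 'Password!137'.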
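
How the rule lines above are evaluated, as an added example that is not code from the original page or from the hashcat project: a minimal Python interpreter for the seven functions listed under Basic Rule Syntax, used the way a password-policy check would, to test whether a proposed password is only a dictionary word with one of these rules applied. The names apply_rule, is_rule_derived, PAGE_RULES and BASE_WORDS are this example's own, and the word list is constructed.

```python
# Added example: interpreter for the rule functions listed on this page
# ( : l u c r $X ^X ). Not hashcat's own code; all names are hypothetical.

def apply_rule(rule: str, word: str) -> str:
    """Apply one rule line to one word, evaluating functions left to right."""
    i = 0
    while i < len(rule):
        op = rule[i]
        if op in " :":                     # separator space or passthrough
            pass
        elif op == "l":
            word = word.lower()
        elif op == "u":
            word = word.upper()
        elif op == "c":                    # first char upper, the rest lower
            word = word[:1].upper() + word[1:].lower()
        elif op == "r":
            word = word[::-1]
        elif op in "$^":                   # append / prepend take one parameter
            if i + 1 >= len(rule):
                raise ValueError(f"{op!r} at position {i} has no character")
            i += 1                         # consume the parameter character
            word = word + rule[i] if op == "$" else rule[i] + word
        else:
            raise ValueError(f"unsupported rule function {op!r}")
        i += 1
    return word


def is_rule_derived(candidate, base_words, rules):
    """Return (word, rule) if candidate equals a base word after a rule, else None."""
    for word in base_words:
        for rule in rules:
            if apply_rule(rule, word) == candidate:
                return word, rule
    return None


# Constructed sample data: passthrough plus the page's two rule lines.
PAGE_RULES = [":", "c $1 $2 $3", "c $! $1 $3 $7"]
BASE_WORDS = ["password", "welcome"]

if __name__ == "__main__":
    for pw in ["Password123", "Welcome!137", "tr0ub4dor&3"]:
        print(pw, "->", is_rule_derived(pw, BASE_WORDS, PAGE_RULES))
```

A password-change handler can call is_rule_derived with its own blocklist and rule set and reject any candidate for which it returns a match.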

For more information on creating and using Hashcat rules, check out the official Hashcat documentation on rule-based attacks.

Rule Creation Tips

  • Start with common password patterns
  • Consider target-specific information
  • Combine multiple simple rules
  • Test rules on sample wordlists
  • Optimize for performance and effectiveness