Home > Products > Windows Passwords > Windows Password Recovery > Screenshots > Attacking hashes
Attacking windows hashes
27.12.2016
Happy New Year!
New Year greetings and holidays discount
27.12.2016
Windows Password Recovery v11.1
Some minor improvements, changes in DPAPI engine
06.12.2016
New blog post
Hash encryption in Windows 10 Anniversary Update
30.11.2016
WPA password recovery benchmarks
New devices

Articles and video

You may find it helpful to read our articles on Windows security and password recovery examples. Video section contains a number of movies about our programs in action

Windows Password Recovery - attacking hashes

Currently the program can decrypt Windows hashes in several ways. Confused about what attack to select to recover your passwords? Take a look at our article on recovering password from hashes.


Smart attacks

 

Preliminary attack (developed by Passcape Software)

The recovery method is based upon a social engineering method and consists of several sub attacks. Preliminary attack is very fast and often it is used for guessing simple and short passwords when there's no need to launch a fully scalable attack.
Read more...
Preliminary attack

Artificial Intelligence attack (developed by Passcape Software)

This is a brand-new type of attack developed in our company. It is based upon a social engineering method and allows, without resort to time-consuming and costly computations, to almost instantly and painless recover certain passwords.
Read more...
Artificial Intelligence attack

Fingerprint attack (developed by Passcape, original idea by Atom)

The attack parses input wordlist to generate so-called "fingerprints" used to recover the password. The attack is quite effective in finding difficult passwords for big list of hashes or for password history hashes.
Read more...
Fingerprint attack

Online recovery (developed by Passcape Software)

Searches passwords in Internet databases. It deals fairly well with simple and frequently-used passwords. Its drawback is low operating speed and poor suitability for handling large hash lists.
Read more...
Online recovery

Passcape Rainbow Table attack (developed by Passcape Software)

It's the next generation of regular pre-calculated tables. Passcape table attack is most suitable for recovering complex and strong passwords of unlimited length.
Read more...
Passcape Rainbow Table attack



Common attacks

 

Brute-force attack

Tries all possible combinations from the specified range of characters. For example, for a three-character range of lower-case Latin characters, it will check all possible combinations, starting with 'aaa', 'aab', 'aac', and all the way through 'zzz'. This is the slowest attack, so it is really great for short passwords.
Read more...
Brute-force attack

Dictionary attack

It is the most efficient recovery method, when the program tries each word from the dictionary (or dictionaries if there are several dictionaries) you specify until it finds the original password or until the wordlist is out of words. This method is very efficient since many people use regular words or phrases for their passwords. Besides this type of recovery is performed quite fast compared to brute-force attack, for instance. Additional dictionaries and word-lists can be downloaded from our site or can be ordered on CDs.
Read more...
Dictionary attack

Mask attack

It is a variation of the brute-force attack, except that some characters for finding the password remain unchanged, and only a portion of the password may change. The special syntax is used for setting a mask or rule for finding a password.
Read more...
Mask attack



Advanced attacks

 

Base-word attack (developed by Passcape Software)

At the first glance, this type of attack reminds the one we just described above. It is just as efficient if a portion of the password to be recovered is known to us. However, unlike in the previous attack, here you do not have to set a mask - just provide a basic word. The program will take care of the rest. The phrase attack is based upon the experience of the social engineering to generate a great number of possible combinations of the given original word.
Read more...
Base-word attack

Combined dictionary attack (developed by Passcape Software)

The combo attack uses to find compound passwords. For example, 'nothingtodo' or 'I give up'. It is very similar to the dictionary attack, except that instead of using a single word for password verification it uses a combination of words created by combining words from several dictionaries. You can create your own password generation rules.
Read more...
Combined dictionary attack

Phrase attack (developed by Passcape Software)

The phrase attack is very efficient against complex passwords. The idea of it is to guess the right password by searching through frequently used phrases and combinations. You can download pass-phrase wordlists and dictionaries from our site only!
Read more...
Phrase attack

Rainbow attack

It is a time-memory tradeoff used in recovering the plaintext password from hashes. This attack is quite fast and effective tool for auditing Windows hashes.
Read more...
Rainbow attack

Hybrid dictionary attack

It is like a simple dictionary attack, except that it allows a user to customize word mutation and set your own password mutation rules. The rule definition syntax is compatible with some other password recovery software.
Read more...
Hybrid dictionary attack



GPU-based attacks

 

GPU Brute-force attack

The attack is fully identical to simple brute-force except that to guess passwords, it uses video card instead of CPU. The GPU device to be run the attack on, should be set in 'General Options'.
Read more...
Brute-force GPU attack

GPU fingerprint attack (developed by Passcape Software)

This is one of the most powerful and advanced password recovery technique (invented by our company) aimed mainly to guess strong and complicated passwords. Now with GPU support, thus runs at least 10-x faster.
Read more...
Fingerprint GPU attack

GPU mask attack

GPU mask attack is pretty much like the brute-force one, except that it runs by a given user pattern instead of scanning the whole range of symbols like the brute-force does. It uses computing power of modern GPUs, thus processes passwords much faster.
Read more...
Mask GPU attack

GPU dictionary-force attack (developed by Passcape Software)

Often, when creating passwords, users add certain symbols in the beginning, end or even middle of the word. To recover passwords of this specific kind, we have come up with a GPU-based dictionary attack.
Read more...
Fingerprint GPU attack

GPU hybrid dictionary attack

The same as a simple Hybrid dictionary attack but much faster because uses GPU.
Read more...
GPU hybrid dictionary attack



Other

 

Batch attack (developed by Passcape Software)

The batch attack creates a list of attacks to be run one-by-one, so that you could launch all those attacks with a single mouse-click instead of configuring each of them individually.
Read more...
Batch attack