Cracking LastPass hashes
Having saved the preceding hash into a file, we can now proceed to cracking. In hashcat, the mode is 6800, and we will use an attack mode of 0 with a wordlist in this example, so the command will look like this:
hashcat -a 0 -m 6800 lasthash rockyou.txt
Here, lasthash is a text file containing the hash to crack, and rockyou.txt is the wordlist to use. Let’s look at the results in Figure 9.9:
Figure 9.9 – Successful cracking of the LastPass hash
You may have noticed that we have used a lot of the John conversion utilities in other chapters to prepare a hash for cracking and wondered why we did not do that here. The reason is that, unfortunately, the lastpass2john.py conversion utility has not been updated in many years, and only works on old versions of Firefox and an old version of the LastPass extension.
While we were successful, note the very slow hash speed. While this was CPU-only cracking, it is important...