hashcat最新版（6.2.6）
https://github.com/hashcat/hashcat
进入解压目录的hashcat，在终端打开
sudo make
sudo make install
完成编译安装
hashcat --version #查看版本号，如果正常显示，说明已经安装成功。
如果需要卸载，运行make uninstall后删除文件夹即可
sudo make uninstall

hashcat命令介绍
https://hashcat.net/wiki/?id=frequently_asked_questions#how_can_i_identify_the_hash_type

在线使用rar2john工具提取rar的hash值，还有一些常用文件类型的提取工具，如pdf2john，office2john，zip2john**【在线提取hash值格式与通过deepin下john the ripper的rar2john提取后的文件内容，稍有不同。JtR提取后要删除开头XXXX.rar:文件名以及末尾：：：及type，文件名等内容，只留​rar开头与末尾的33，或者30。否则hashcat运行会提示Token length exception或者no hashes load，而john the ripper可以使用】**
https://hashes.com/en/johntheripper/rar2john

这是hashcat实验需要的测试文件格式
https://openwall.info/wiki/john/sample-non-hashes#RAR
实际测试结果[上传图片一直提示违规，打了马赛克都不行，作罢]

对RAR文件hash值结构的分析

RAR Archive hashcat mode are 12500 (RAR3-hp) and 13000 (RAR5), and output format looks like:
$RAR3$*type*hex(salt)*hex(partial-file-contents):type::::

type = 0 stands for files encrypted with rar -hp Option "hp" encrypts both file data and headers. Sample:
$RAR3$*0*45109af8ab5f297a*adbf6c5385d7a40373e8f77d7b89d317

type = 1 stands for files encrypted with rar -p Option "-p" option encrypts only files. Sample:
$RAR3$*type*hex(salt)*hex(crc)*PACK_SIZE*UNP_SIZE*0*archive_name*offset-for-ciphertext*method:type::file_name
or
$RAR3$*type*hex(salt)*hex(crc)*PACK_SIZE*UNP_SIZE*1*hex(full encrypted file)*method:type::file_name

这是hashcat 帮助文字，可以查询-m 参数设置，例如​RAR31 对应23800 | RAR3-p (Compressed)
使用hashcat --help查看

Usage: hashcat [options]... hash|hashfile|hccapxfile [dictionary|mask|directory]...

11600 | 7-Zip | Archive

• 12500 | RAR3-hp | Archive
  23800 | RAR3-p (Compressed) | Archive
  23700 | RAR3-p (Uncompressed) | Archive
  13000 | RAR5 | Archive
  17220 | PKZIP (Compressed Multi-File) | Archive
  17200 | PKZIP (Compressed) | Archive
  17225 | PKZIP (Mixed Multi-File) | Archive
  17230 | PKZIP (Mixed Multi-File Checksum-Only) | Archive
  17210 | PKZIP (Uncompressed) | Archive
  20500 | PKZIP Master Key | Archive
  20510 | PKZIP Master Key (6 byte optimization) | Archive
  23001 | SecureZIP AES-128 | Archive
  23002 | SecureZIP AES-192 | Archive
  23003 | SecureZIP AES-256 | Archive
  13600 | WinZip | Archive
  18900 | Android Backup | Archive
  24700 | Stuffit5 | Archive

• [ Attack Modes ] -

  | Mode

  ===+======
  0 | Straight
  1 | Combination
  3 | Brute-force
  6 | Hybrid Wordlist + Mask
  7 | Hybrid Mask + Wordlist
  9 | Association

• [ Basic Examples ] -

  Attack- | Hash- |
  Mode | Type | Example command
  ==================+=======+==================================================================
  Wordlist | ​P | hashcat -a 0 -m 400 example400.hash example.dict
  Wordlist + Rules | MD5 | hashcat -a 0 -m 0 example0.hash example.dict -r rules/best64.rule
  Brute-Force | MD5 | hashcat -a 3 -m 0 example0.hash ?a?a?a?a?a?a
  Combinator | MD5 | hashcat -a 1 -m 0 example0.hash example.dict example.dict
  Association | $1$ | hashcat -a 9 -m 500 example500.hash 1word.dict -r rules/best64.rule

If you still have no idea what just happened, try the following pages:

• https://hashcat.net/wiki/#howtos_videos_papers_articles_etc_in_the_wild
• https://hashcat.net/faq/

If you think you need help by a real human come to the hashcat Discord:

• https://hashcat.net/discord