Cracking a pin number is very easy when you are using Linux. There are utilities to generate a wordlist and then this may be used to crack the pin number hash.
This is how to generate a wordlist with all possible number combinations using the numbers 249.
jason@jason-desktop:~$ crunch 16 16 249 -o pin.lst Crunch will now generate the following amount of data: 731794257 bytes 697 MB 0 GB 0 TB 0 PB Crunch will now generate the following number of lines: 43046721 crunch: 100% completed generating output |
This will generate a wordlist 690 Megabytes in size that contains 43046721 lines of text. Then, hashcat could be used with a fast GPU to work through all possible numbers and then find the passkey. But if you added more numbers to the PIN, like 12 numbers, then it would be impossible to do this.
A wordlist containing all possible numbers is impossibly large, 150 Petabytes.
jason@jason-desktop:~$ crunch 16 16 1234567890 -o pin.lst Crunch will now generate the following amount of data: 170000000000000000 bytes 162124633789 MB 158324837 GB 154614 TB 150 PB Crunch will now generate the following number of lines: 10000000000000000 |
If you are including all of the alphabet in English and all numbers, then it is massive.
jason@jason-desktop:~$ crunch 16 16 abcdefghijklmopqrstuvwxwyz1234567890 -o pin.lst Crunch will now generate the following amount of data: 1791808160169288017 bytes 1708801422280 MB 1668751388 GB 1629640 TB 1591 PB Crunch will now generate the following number of lines: 6616016035436858689 |
This goes to show that a more complex password or PIN is better than using a simple password like “samthedog”. But the crunch utility is very useful if you know the pattern that the PIN would use and you want to generate a wordlist using all possible combinations and have a go at cracking a pin hash.
A massively complicated password is even more complicated to crack, then you have a massive amount of possible hashes that could be the password, then it depends upon the strength of the security protecting the password does it not?
jason@jason-desktop:~$ crunch 8 11 'abcdefghijklmopqrstuvwxwyz1234567890!@#$%^&*' -o pin.lst Crunch will now generate the following amount of data: 11394382299022665439 bytes 10866529749891 MB 10611845458 GB 10363130 TB 10120 PB Crunch will now generate the following number of lines: 951419502596721348 |
The example above shows the result of creating a wordlist which contains all possible numbers and letters as well as a few special characters. But this is absurd. This is reaching the limits of the script and may not be accurate. The real number might be even higher, and what if you used even more special characters in other languages or unicode characters? But if you know the pattern the PIN code or password should use and how many minimum and maximum characters, then you can use crunch.
Usage: crunch
This is a very useful utility for anyone who wants to start out cracking passwords or passkeys. Learn how to use hashcat as well. They go very well together. And ensure you have a very fast CPU and/or GPU.