tinyapps.org / docs / Cracking hashes in the cloud with hashcat (2026)


1. Create RunPod account

  1. Go to https://www.runpod.io and sign up (see the 2019 version of this guide for using Vast.ai instead)
  2. Add a payment method and load credits (you can start with as little as $10)

2. Deploy GPU pod

  1. From the RunPod sidebar, click Pods under Manage
  2. Select a GPU (RTX 5090 or A40 offers good price/performance balance for hashcat)
  3. Under Pod template, keep the default "Runpod Pytorch 2.4.0 (runpod/pytorch:2.4.0-py3.11-cuda12.4.1-devel-ubuntu22.04)"
  4. Select desired GPU count (1-10)
  5. Set Container Disk to 20 GB
  6. Set Volume Disk to 80 GB (or whatever size will be enough for your wordlist, working space, and hashcat)
  7. Click Deploy On-Demand button

3. Connect to pod via SSH

  1. Wait for the pod status to show Running
  2. Click Connect, set up SSH, and copy the command under SSH or SSH over exposed TCP (A web terminal option is also available, but it disconnects frequently)
  3. Paste the SSH command into your local terminal to connect

4. Start a tmux session

tmux keeps your processes running even if your SSH connection drops:

apt update && apt install -y tmux
tmux new -s hashcat

Run everything below inside this tmux session. If your SSH connection drops, just reconnect and reattach:

tmux attach -t hashcat

5. Install hashcat from source

Build from source, since the apt package is currently one major version behind (v6 vs v7).

apt install -y git make gcc g++ p7zip-full wget
cd /workspace
git clone https://github.com/hashcat/hashcat.git
cd hashcat
make -j$(nproc)
make install

Verify and benchmark the installation:

hashcat --version
hashcat -I
hashcat -b

You should see v7.x and your NVIDIA GPU(s) listed under CUDA. Rather than benchmark all modes, you can restrict via -b -m <mode>.

6. Download a wordlist

Weakpass comes in a variety of flavors (weakpass_4.merged, weakpass_4, weakpass_4.latin, etc.), and the site hosts a massive collection of additional wordlists.

cd /workspace
wget https://weakpass.com/download/2025/weakpass_4.merged.txt.7z
7z x weakpass_4.merged.txt.7z
rm weakpass_4.merged.txt.7z

7. Download additional rules

wget https://raw.githubusercontent.com/stealthsploit/OneRuleToRuleThemStill/main/OneRuleToRuleThemStill.rule

8. Upload hash(es)

Upload hash(es) via scp, or import via echo your-hash >> hash.txt. (vi/vim, nano, and even ed were missing from the base OS image; I installed vim and pasted in several hashes, one per line: apt install vim && vim hash.txt → Cmd+V → :wq)

9. Run hashcat

Run these in order, stopping once you've cracked what you need. Each successive pass is slower but more thorough. (v7 introduced hash-mode autodetection.)

Pass 1: Straight dictionary (no rules):

hashcat hash.txt weakpass_4.merged.txt -O -w 4 --session=pass1

Pass 2: Dictionary with fast rules:

hashcat hash.txt weakpass_4.merged.txt -r ./hashcat/rules/best66.rule -O -w 4 --session=pass2

Pass 3: Dictionary with aggressive rules:

hashcat hash.txt weakpass_4.merged.txt -r OneRuleToRuleThemStill.rule -O -w 4 --session=pass3

Pass 4: Deep rules sweep:

hashcat hash.txt weakpass_4.merged.txt -r ./hashcat/rules/dive.rule -O -w 4 --session=pass4

Pass 5: Brute-force / mask attack (all printable ASCII, 1–8 chars):

hashcat hash.txt -a 3 ?a?a?a?a?a?a?a?a --increment -O -w 4 --session=pass5
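
How large pass 5 actually is, as an added example (not part of the original guide): the sketch below computes the candidate count for a mask from hashcat's built-in charset sizes and converts it to worst-case hours at a given speed. The function names and the 50 GH/s sample speed are assumptions; substitute the figure that hashcat -b -m <mode> reports on your pod.

```python
# Added example: estimate how long a hashcat mask attack (-a 3) takes to exhaust.
# Handles built-in charsets, literal characters and "??"; custom charsets are rejected.
CHARSET_SIZES = {"l": 26, "u": 26, "d": 10, "h": 16, "H": 16, "s": 33, "a": 95, "b": 256}


def position_sizes(mask):
    """Return the number of candidate characters at each position of a mask."""
    sizes, i = [], 0
    while i < len(mask):
        if mask[i] != "?":
            sizes.append(1)          # literal character
            i += 1
            continue
        if i + 1 >= len(mask):
            raise ValueError("mask ends with a dangling '?'")
        token = mask[i + 1]
        if token == "?":
            sizes.append(1)          # "??" is a literal question mark
        elif token in CHARSET_SIZES:
            sizes.append(CHARSET_SIZES[token])
        else:
            raise ValueError(f"unsupported charset ?{token}")
        i += 2
    return sizes


def keyspace(mask, increment=False, increment_min=1):
    """Total candidates; with increment, sum every prefix length from increment_min."""
    sizes = position_sizes(mask)
    lengths = range(increment_min, len(sizes) + 1) if increment else [len(sizes)]
    total = 0
    for n in lengths:
        product = 1
        for s in sizes[:n]:
            product *= s
        total += product
    return total


def hours_to_exhaust(candidates, hashes_per_second, gpu_count=1):
    """Worst-case hours, assuming speed scales linearly with GPU count."""
    return candidates / (hashes_per_second * gpu_count) / 3600


if __name__ == "__main__":
    total = keyspace("?a?a?a?a?a?a?a?a", increment=True)
    # 50e9 H/s is a constructed sample speed; use the figure from hashcat -b -m <mode>.
    for gpus in (1, 4, 10):
        print(f"{gpus:>2} GPU(s): {total:,} candidates, {hours_to_exhaust(total, 50e9, gpus):.1f} h")
```

Each extra ?a position multiplies the work by 95, so the 8-character step accounts for almost all of the total.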

Key flags

Useful during a run

10. Check results

cat ~/.local/share/hashcat/hashcat.potfile or hashcat hash.txt --show (speed up the latter by adding -m <mode>)

11. Terminate the pod

After saving your results locally, Stop and then Terminate the pod to destroy it and stop billing.


created: 2026.02.23