ELI5: How do hackers get passwords from hashes?


As far as I can see it’s just random text. How can they get a password from this after a website is hacked?


3 Answers

Anonymous

It’s the same way someone would brute force your password when they try to just enter it in a login form.

But if you try to log in on a website with “1234”, “1235”, etc., you have to wait a fairly long time until you get a reply, and you might get locked out of trying because of captchas.

Instead you just do exactly the same but using the hash as a form of verification. You just use “1234”, “1235” etc. and hash them in the same way. If you get a match, you can log in! This is so much faster and you will never get locked out of trying since you don’t need to communicate with any server.

A different reply tackled the topic of hash collisions. The great thing: if you find a different password that also creates the same hash (collision), you can use this different password as well to log in, since the server will not see any difference!
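The offline guessing described in the answer above, as an added example that is not part of the original post: it checks candidates against a constructed unsalted SHA-256 hash of a 4-digit PIN, then shows how a per-user salt and a slow key-derivation function (PBKDF2) raise the cost of every guess. The function names, the sample PIN and the 600,000 iteration count are assumptions of this example.

```python
import hashlib
import hmac
import os
import time

def fast_hash(password: str) -> str:
    """Unsalted single SHA-256: the weak storage scheme."""
    return hashlib.sha256(password.encode()).hexdigest()

def slow_hash(password: str, salt: bytes, iterations: int = 600_000) -> bytes:
    """Salted PBKDF2-HMAC-SHA256: every guess costs `iterations` rounds."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)

def guess_pin(stored: str):
    """Hash each 4-digit candidate locally and compare with the stored hash."""
    for n in range(10_000):
        candidate = f"{n:04d}"
        if hmac.compare_digest(fast_hash(candidate), stored):
            return candidate
    return None  # the secret was not in the candidate space

def seconds_per_guess(fn, repeats: int) -> float:
    """Average wall-clock cost of one hash computation."""
    start = time.perf_counter()
    for _ in range(repeats):
        fn()
    return (time.perf_counter() - start) / repeats

def demo():
    pin = "1235"                      # constructed sample secret
    stored = fast_hash(pin)           # what a leaked table row would hold
    recovered = guess_pin(stored)     # no server, no lockout, no captcha
    salt_a, salt_b = os.urandom(16), os.urandom(16)
    # Same password, different salts: the stored values no longer match,
    # so one guess cannot be checked against every user at once.
    salted_equal = slow_hash(pin, salt_a) == slow_hash(pin, salt_b)
    fast = seconds_per_guess(lambda: fast_hash("0000"), 10_000)
    slow = seconds_per_guess(lambda: slow_hash("0000", salt_a), 3)
    return recovered, salted_equal, slow / fast

if __name__ == "__main__":
    recovered, salted_equal, ratio = demo()
    print(f"recovered from unsalted SHA-256: {recovered}")
    print(f"same password, two salts, equal hashes: {salted_equal}")
    print(f"PBKDF2 guess is about {ratio:,.0f}x slower than SHA-256")
```

The slowdown ratio printed at the end varies by machine; the point is that the defender pays the cost once per login while the guesser pays it for every candidate.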
