DES/NetNTLMv1 Cracking Issue
#1
So I have a hash which cracks fine with netntlmv1 mode, but I can't seem to crack the third chunk with hashcat/chapcrack/manually. Can someone point out where I am going wrong?

The following netntlmv1 hash has the password of "password.1": e81d062fe3f8fb9f00000000000000000000000000000000:7e8ff866e232d90c199093c6684954c0fd5717880e4b5e13:7ab2b26a22061831

-----------------------------
Confirmation with hashcat:
Code:
a@a:~/hashcat-dev$ ./hashcat -m 5500 --potfile-disable -w 4 -a 3 a::a:e81d062fe3f8fb9f00000000000000000000000000000000:7e8ff866e232d90c199093c6684954c0fd5717880e4b5e13:7ab2b26a22061831 password.1
hashcat (v3.10-90-gecba0d2) starting...
--snip--
a::a:e81d062fe3f8fb9f00000000000000000000000000000000:7e8ff866e232d90c199093c6684954c0fd5717880e4b5e13:7ab2b26a22061831:password.1
Session.Name...: hashcat
Status.........: Cracked
--snip--
Right, so let's see if we can crack the third block with chapcrack:
Code:
a@a:~/chapcrack $ ./chapcrack.py radius -C 7ab2b26a22061831 -R 7e8ff866e232d90c199093c6684954c0fd5717880e4b5e13
Cracking K3................
                     C1 = 7e8ff866e232d90c
                     C2 = 199093c6684954c0
                     C3 = fd5717880e4b5e13
                      P = 7ab2b26a22061831
No luck there.

Let's try with hashcat (trying to crack the 2-byte key):
Code:
a@a:~/hashcat-dev$ ./hashcat -m 14000 -w 4 -o cracked.txt -a 3 -1 charsets/DES_full.charset -2 00 --hex-charset fd5717880e4b5e13:7ab2b26a22061831 ?1?1?2?2?2?2?2?2
hashcat (v3.10-90-gecba0d2) starting...
--snip--
Session.Name...: hashcat
Status.........: Exhausted
Input.Mode.....: Mask (?1?1?2?2?2?2?2?2) [8]
Custom.Chars...: -1 charsets/DES_full.charset, -2 00, -3 Undefined, -4 Undefined
Hash.Target....: fd5717880e4b5e13:7ab2b26a22061831
--snip--

That failed too, let's try and calculate it manually.
Code:
$ echo -n password.1 | iconv -f utf8 -t utf16le | openssl dgst -md4
(stdin)= 006731c3726516dab489ef00fb2308a8
If we take this and split it up into three 7-byte chunks (null padding up to 21 bytes):
006731c3726516 dab489ef00fb23 08a80000000000

If we take the last chunk and expand it to 8 bytes we get:

0854000000000000

Now if we encrypt our challenge (7ab2b26a22061831) with this key, we should get the third block in the original netntlmv1 hash:

(this is using the pycrypto library)
Code:
>>> import binascii
>>> from Crypto.Cipher import DES
>>> des = DES.new(binascii.unhexlify("0854000000000000"))
>>> binascii.hexlify(des.encrypt(binascii.unhexlify("7ab2b26a22061831")))
'7e22a569174505aa'
Which doesn't match; it should be: fd5717880e4b5e13

Calculating the odd parity doesn't make a difference:
Code:
>>> des = DES.new(binascii.unhexlify("0854010101010101"))
>>> binascii.hexlify(des.encrypt(binascii.unhexlify("7ab2b26a22061831")))
'7e22a569174505aa'

Anyone have any idea where I am going wrong, and why hashcat is failing to crack the third block?
#2
I think you just forgot to mix in the SSP. You can do that like this:

1. Generate SSP by appending the ESS e81d062fe3f8fb9f to the challenge 7ab2b26a22061831 and calculate the md5 of it

Code:
$ perl -e 'print pack ("H*", "7ab2b26a22061831e81d062fe3f8fb9f")' | md5sum
eb4135acbc385cc027829c6c5b2db652  -

2. Replace the first 8 bytes of the md5 with the challenge:

Code:
$ ./hashcat -m 14000 --potfile-disable --quiet -a 3 -1 charsets/DES_full.charset --hex-charset fd5717880e4b5e13:eb4135acbc385cc0 ?1?1000000000000
fd5717880e4b5e13:eb4135acbc385cc0:$HEX[0955000000000000]

3. Decode it with deskey_to_ntlm.pl from hashcat-utils:

Code:
root@ht:~/hashcat# perl /root/hashcat-utils/src/deskey_to_ntlm.pl 0955000000000000
08a80000000000
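The three steps above, written out as an added Python example (not code from the thread or from hashcat-utils): the ESS session challenge from step 1, the 7-byte-to-8-byte DES key expansion with parity bits (and its inverse, which is what deskey_to_ntlm.pl does in step 3), using the hash, challenge and nonce values from this thread. The last function assumes pycryptodome is installed for the DES step; everything else needs only the standard library.

```python
import hashlib

# Values taken from the thread above: NT hash = MD4(UTF-16LE("password.1")),
# the server challenge, and the client nonce ("ESS") from the LM-response field.
NT_HASH = bytes.fromhex("006731c3726516dab489ef00fb2308a8")
SERVER_CHALLENGE = bytes.fromhex("7ab2b26a22061831")
CLIENT_NONCE = bytes.fromhex("e81d062fe3f8fb9f")

def ess_session_challenge(server_challenge: bytes, client_nonce: bytes) -> bytes:
    """With Extended Session Security the DES plaintext is not the raw server
    challenge but MD5(server_challenge || client_nonce) truncated to 8 bytes."""
    return hashlib.md5(server_challenge + client_nonce).digest()[:8]

def expand_des_key(key7: bytes, odd_parity: bool = True) -> bytes:
    """Spread 56 key bits over 8 bytes (7 bits each, MSB first); the LSB of every
    byte is the DES parity bit, which DES itself ignores."""
    bits = int.from_bytes(key7, "big")
    out = bytearray()
    for i in range(8):
        seven = (bits >> (49 - 7 * i)) & 0x7F
        byte = seven << 1
        if odd_parity and bin(seven).count("1") % 2 == 0:
            byte |= 1  # make the byte's popcount odd
        out.append(byte)
    return bytes(out)

def nt_hash_to_des_keys(nt_hash: bytes, odd_parity: bool = True) -> list:
    """Null-pad the 16-byte NT hash to 21 bytes, split into 3 x 7 bytes,
    expand each chunk to an 8-byte DES key (K1, K2, K3)."""
    padded = nt_hash + b"\x00" * 5
    return [expand_des_key(padded[i:i + 7], odd_parity) for i in (0, 7, 14)]

def des_key_to_ntlm_chunk(key8: bytes) -> bytes:
    """Inverse of expand_des_key (what deskey_to_ntlm.pl does): drop each parity
    bit and repack the 56 bits into 7 bytes."""
    bits = 0
    for b in key8:
        bits = (bits << 7) | (b >> 1)
    return bits.to_bytes(7, "big")

def ntlmv1_ess_response(nt_hash: bytes, server_challenge: bytes, client_nonce: bytes) -> bytes:
    """Full 24-byte NT response; DES comes from pycryptodome (assumption: installed)."""
    from Crypto.Cipher import DES
    plaintext = ess_session_challenge(server_challenge, client_nonce)
    return b"".join(DES.new(k, DES.MODE_ECB).encrypt(plaintext)
                    for k in nt_hash_to_des_keys(nt_hash))
```

Because DES ignores the parity bits, hashcat's 0955000000000000, the odd-parity 0854010101010101 and the unpadded 0854000000000000 are all the same key; des_key_to_ntlm_chunk maps each of them back to 08a80000000000.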
#3
Ah awesome.

Makes perfect sense, thank you very much! :)