hashcat Forum Misc General Talk v
Process in HashCat $mskrb5$

Thread Closed 
Threaded Mode
Process in HashCat $mskrb5$
catice Offline
Junior Member
**
Posts: 2
Threads: 1
Joined: Feb 2017
#1
02-24-2017, 12:14 PM (This post was last modified: 02-24-2017, 12:51 PM by catice.)
There hash intercepted via Intercepter-ng:
Code:
Kerberos Auth 10:44:53/24/02/17 192.168.5.194/192.168.1.101:88 BRUTE WITH JTR rc4-hmac DOMAIN.COM\tester:$mskrb5$$$A643483079D9E3CC6F14D3C1CB6CCC4E$601841F258521CD7A97A0032DC61E1050EC45FFFAF14A68851C91C4B925036C1864525DE
John Ripper with it normally works.
How to process it in HashCat?
If the format string as:

Code:
$krb5pa$23$tester$DOMAIN.COM$salt$A643483079D9E3CC6F14D3C1CB6CCC4E$601841F258521CD7A97A0032DC61E1050EC45FFFAF14A68851C91C4B925036C1864525DE

it is necessary to remove the symbol                              ^

and password, which I know is not suitable (((

Tell me, where did I go wrong?
Find
atom Offline
Administrator
*******
Posts: 5,185
Threads: 230
Joined: Apr 2010
#2
02-25-2017, 12:12 PM
You need to move the salt after the hash:

Quote:$krb5pa$23$tester$DOMAIN.COM$salt$601841F258521CD7A97A0032DC61E1050EC45FFFAF14A68851C91C4B925036C1864525DEA643483079D9E3CC6F14D3C1CB6CCC4E
Website Find
catice Offline
Junior Member
**
Posts: 2
Threads: 1
Joined: Feb 2017
#3
02-27-2017, 12:44 PM
Yes, its work!!!!!
Very thans!
Find
Thread Closed