+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Bruteforce Not Bruteforcing (/thread-11791.html)
Bruteforce Not Bruteforcing - neonmayer - 01-28-2024
Im trying to find the password to this ntlm hash that i know is a 6digit pin, but hashcat does not test all numbers:
Session..........: hashcat
Status...........: Exhausted
Hash.Mode........: 1000 (NTLM)
Hash.Target......: xxxxxxxxxxxxxxxxxxxxxxxxxxxx
Time.Started.....: Sat Jan 27 22:58:37 2024 (0 secs)
Time.Estimated...: Sat Jan 27 22:58:37 2024 (0 secs)
Kernel.Feature...: Optimized Kernel
Guess.Mask.......: ?d?d?d?d?d?d [6]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 18307.8 kH/s (3.59ms) @ Accel:512 Loops:100 Thr:1 Vec:4
Recovered........: 0/1 (0.00%) Digests (total), 0/1 (0.00%) Digests (new)
Progress.........: 1000000/1000000 (100.00%)
Rejected.........: 0/1000000 (0.00%)
Restore.Point....: 10000/10000 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-100 Iteration:0-100
Candidate.Engine.: Device Generator
Candidates.#1....: 103129 -> 696999
Hardware.Mon.#1..: Temp: 64c Util: 66%
Started: Sat Jan 27 22:58:27 2024
Stopped: Sat Jan 27 22:58:39 2024
here is the """prompt""""
sudo hashcat -m 1000 hashes.txt -a 3 -O ?d?d?d?d?d?d
RE: Bruteforce Not Bruteforcing - b8vr - 01-28-2024
(01-28-2024, 04:08 AM)neonmayer Wrote: Im trying to find the password to this ntlm hash that i know is a 6digit pin, but hashcat does not test all numbers:
Session..........: hashcat
Status...........: Exhausted
Hash.Mode........: 1000 (NTLM)
Hash.Target......: xxxxxxxxxxxxxxxxxxxxxxxxxxxx
Time.Started.....: Sat Jan 27 22:58:37 2024 (0 secs)
Time.Estimated...: Sat Jan 27 22:58:37 2024 (0 secs)
Kernel.Feature...: Optimized Kernel
Guess.Mask.......: ?d?d?d?d?d?d [6]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 18307.8 kH/s (3.59ms) @ Accel:512 Loops:100 Thr:1 Vec:4
Recovered........: 0/1 (0.00%) Digests (total), 0/1 (0.00%) Digests (new)
Progress.........: 1000000/1000000 (100.00%)
Rejected.........: 0/1000000 (0.00%)
Restore.Point....: 10000/10000 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-100 Iteration:0-100
Candidate.Engine.: Device Generator
Candidates.#1....: 103129 -> 696999
Hardware.Mon.#1..: Temp: 64c Util: 66%
Started: Sat Jan 27 22:58:27 2024
Stopped: Sat Jan 27 22:58:39 2024
here is the """prompt""""
sudo hashcat -m 1000 hashes.txt -a 3 -O ?d?d?d?d?d?d
Are you absolutely sure that it is 6 digits and that you're not confusing it with Windows PIN? PIN is part of Windows HELLO, which is not NTLM.
Have a look at
https://github.com/Banaanhangwagen/WINHELLO2hashcat
RE: Bruteforce Not Bruteforcing - Snoopy - 01-29-2024
(01-28-2024, 04:08 AM)neonmayer Wrote: Progress.........: 1000000/1000000 (100.00%)
hashcat testet all numbers, but as b8vr mentioned, sounds more like a windows pin
you can try cracking the ntlm hash with dictionary attack or also bruteforce, but your speed seems very low (kilohashes instead of megahashes, ntlm is a fast hash), and then you have to switch the login option from pin to password when asked for login