+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Ancient Versions (https://hashcat.net/forum/forum-46.html)
+--- Forum: Very old oclHashcat-plus Support (https://hashcat.net/forum/forum-23.html)
+--- Thread: [HELP] What's the input format of NTLM when using hashcat-plus ? (/thread-2047.html)
Pages:
1
2
[HELP] What's the input format of NTLM when using hashcat-plus ? - unname2012 - 02-06-2013
Hello all,i know my question is stupid but i really want to know what's the format of NTLM when using hashcat-plus to crack ? i usually using JTR to crack NTML with format like this (Administrator:500:XXXXXXXXXXXXXXXXe08f82d6d2a3d8a6:XXXXXXXXXXXXXXXX6bc90ee0d60c6adf:::) ,but it not run in hashcat
please help me
Thank
RE: [HELP] What's the input format of NTLM when using hashcat-plus ? - Kuci - 02-06-2013
Well, you should know how pwdump format works.
Code:
User:UID:LM:NTLMRE: [HELP] What's the input format of NTLM when using hashcat-plus ? - unname2012 - 02-07-2013
(02-06-2013, 03:32 PM)Kuci Wrote: Well, you should know how pwdump format works.
Code:User:UID:LM:NTLM
so,if crack window password,i just need crack this string (XXXXXXXXXXXXXXXX6bc90ee0d60c6​adf) with NTLM Algorithms ?
Thank !
RE: [HELP] What's the input format of NTLM when using hashcat-plus ? - Kuci - 02-07-2013
Well, I see, LM is enabled. In aspect of time it's more advantageous to crack LM than NTLM, because LM is limited to 14 characters, it's made of two hashes with max. lenght of 7 characters. So, you can split your LM into two hashes in half.
Code:
XXXXXXXXXXXXXXXX
e08f82d6d2a3d8a6RE: [HELP] What's the input format of NTLM when using hashcat-plus ? - epixoip - 02-07-2013
lm has no lower-case letters. all letters are converted to uppercase. lm has a total keyspace of 69^7.
RE: [HELP] What's the input format of NTLM when using hashcat-plus ? - Kuci - 02-07-2013
Oh, I forgon, but lowercased chars are converted to uppercase.
RE: [HELP] What's the input format of NTLM when using hashcat-plus ? - epixoip - 02-07-2013
but not with hashcat they're not. you need to manually do all the uppercase conversions with hashcat.
RE: [HELP] What's the input format of NTLM when using hashcat-plus ? - Kuci - 02-08-2013
Well, this is in oclHashcat-plus forum, so the oclHashcat-plus is meant. But good to know.
RE: [HELP] What's the input format of NTLM when using hashcat-plus ? - epixoip - 02-08-2013
i'm using the word 'hashcat' to refer to any hashcat product.
RE: [HELP] What's the input format of NTLM when using hashcat-plus ? - unname2012 - 02-10-2013
Sr all,i bust few day , first i want to say "THANK" to all of you,i have some question about this problem
(02-07-2013, 07:55 AM)Kuci Wrote: Well, I see, LM is enabled. In aspect of time it's more advantageous to crack LM than NTLM, because LM is limited to 14 characters, it's made of two hashes with max. lenght of 7 characters. So, you can split your LM into two hashes in half.i did like you said (you can split your LM into two hashes in half.),but it's not run,if i don't mistake , it's alert "wrong format" when i split LM hash
Remember, both are long up to 7 characters, so if password is 14 characters long and you would try to bruteforce these hashes with small letters and numbers, there are 36^7 of combinations and you can crack both in one row. If you would use NTLM and your password would be 14 characters long, there are 36^14 combinations with same mask.Code:XXXXXXXXXXXXXXXX
e08f82d6d2a3d8a6
Thank