Where to go from here? | 88.97% completion - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html) +--- Forum: Old oclHashcat Support (https://hashcat.net/forum/forum-38.html) +--- Thread: Where to go from here? | 88.97% completion (/thread-4472.html) |
Where to go from here? | 88.97% completion - skillskills - 06-23-2015 You guys have been so helpful in the past. I am just looking for a little insight into my current list. I am at 88.97% cracked and would like to see some more progress on this list. It is NTLM and am not sure where to go from here. AD requires a minimum 6 letter/symbol/number/upper combo, below are my febel attempts crack whats left. -I have brute forced key space 6 to 8. (took 10 days on my home rig) -Ran all the rules that came with oclHC against a wordlist I have and known human passwords list -Ran some rules from KoreLogic Thoughts on the next steps? I have never gotten such high completion with such a list and this is killing me. I know one of my options is to generate a custom mask based off organization name but I have more reading to do on that. I am just wondering if there is something I should do first. Thanks. RE: Where to go from here? | 88.97% completion - atom - 06-23-2015 I'd try combinator based attacks -a 1 or hybrid ones RE: Where to go from here? | 88.97% completion - mastercracker - 06-23-2015 Fingerprint attack RE: Where to go from here? | 88.97% completion - skillskills - 06-24-2015 (06-23-2015, 09:51 PM)atom Wrote: I'd try combinator based attacks -a 1 or hybrid onesThanks I managed to get a number of hits off this! (06-23-2015, 10:56 PM)mastercracker Wrote: Fingerprint attackI will try this next. When you guys hit a dead end for those 1 or 2 hashes you need what is your next course of action? I have been wondering if my password list (993MB) or word list (5.2GB) is not up to spec. But I dont want to end up throwing massive word lists at it due to efficiency issues I have been reading about. Im not sure what a normal password list / word list size is thats not too small or too big. After I refine the technique of the hybrid attacks and figure out how to make the fingerprint lists for attacks I assume its a brute force set it and forget it? I dont want to rely on the 7$ cracking sites (CloudCracker) that do the work for you, it takes the fun and learning out of it. RE: Where to go from here? | 88.97% completion - mastercracker - 06-24-2015 When you reach 90% cracked hashes from a list, it means that you have done an excellent job already. Whatever you do, there can always be uncrackable hashes (like 15 char random password that is remembered by programs like Lastpass, etc.). I would say that my efficient lists are less or close to 100 Mb. RE: Where to go from here? | 88.97% completion - 0hr - 06-24-2015 I was in a similar position and used the PACK software to generate new rules. This helped me squeak out several passwords I don't feel like I would have gotten by any other means https://thesprawl.org/projects/pack/ |