+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Kerberos v.5 hashing key (/thread-7817.html)
Kerberos v.5 hashing key - BadWood17 - 09-19-2018
Good day.
I have some troubles with Kerberos v.5 and Hashcat.
So, I`ve made two virtual machines, both of them are in Active Directory domen. So, machine 2 connects to machine 1 using KRB5 protocol. Machine 2 has it`s own User in domain, with it`s password. Is the password used like a key to make Kerberos v.5. hash?
I`m trying to crack KRB5 hash using hashcat. This hash was analyzed by Wireshark when Machine 2 and Machine 1 were communicating. ThePassrod12 - is the User`s password in Active Directory domain.
hashcat32.exe -m 7500 -a 3 $krb5pa$23$user$realm$salt$f04d66123a5646c4422f917d234eb9191ddcd2f82241c8c47bac18a0a68f06f7699442a858fad4faa5cccb7e0c102f2889b922d7 ThePassword12
HashcatWork.png (Size: 17.43 KB / Downloads: 4)
But when i try to crack this hash, Hashcat says that it`s not the password.
Please help me. What am i Doing wrong?
RE: Kerberos v.5 hashing key - undeath - 09-19-2018
pretty sure you need to set user/realm/salt appropriately
RE: Kerberos v.5 hashing key - BadWood17 - 09-20-2018
(09-19-2018, 02:33 PM)undeath Wrote: pretty sure you need to set user/realm/salt appropriately
In my last thread you sent me https://github.com/magnumripper/JohnTheRipper/blob/bleeding-jumbo/run/krb2john.py
in this file I`ve found this mark in 113 string "user, realm and salt are unused when etype is 23
I`ve seen several same hashtests and these fields were not used
And if i`m not right, and these fields should be used, I don`t know what the salt is. Where to find the salt?