+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Unable to crack second half of LM hash (/thread-8771.html)
Unable to crack second half of LM hash - PingTrip - 11-13-2019
I ran into this issue recently during a CTF competition and spent a little time replicating a test scenario. Given a 13-char password as an LM hash, Hashcat (v5.1.0) successfully cracks the first hash but not the second.
To re-create the issue I padded Hashcat's example LM hash out to 13-chars:
HASHCATHASHCA = 299BD128C1101FD6A9BF21707E39C1C7
And ran a typical attack for LM hashes:
Code:
$ hashcat '299BD128C1101FD6A9BF21707E39C1C7' -m3000 -a3 -1 ?u?d?s ?1?1?1?1?1?1?1
$ hashcat '299BD128C1101FD6A9BF21707E39C1C7' -m3000 --show
299bd128c1101fd6a9bf21707e39c1c7:HASHCAT[notfound]As a sanity check I ran a John session on the same hash:
Code:
$ john lm_test.hash --format=LM-opencl --fork=4
$ john lm_test.hash --format=LM-opencl --show
Device 3: GeForce GTX 1080
?:HASHCATHASHCA
2 password hashes cracked, 0 leftRE: Unable to crack second half of LM hash - philsmd - 11-13-2019
HASHCA is not 7 characters long (?1?1?1?1?1?1?1 cracks 7 char passwords)
RE: Unable to crack second half of LM hash - PingTrip - 11-13-2019
(11-13-2019, 02:00 PM)philsmd Wrote: HASHCA is not 7 characters long (?1?1?1?1?1?1?1 cracks 7 char passwords)
Holy cow, I'm having senior moments and haven't yet met the age requirement. Of course, I overlooked incremental...
Thanks Philsmd!