08-30-2016, 03:59 PM
Hey guys. I was able to capture some cached credentials (my own) by using creddump's cachedump funktion.
The output looked like this: user:hash:domain:proxy (at least I'm pretty sure it's the proxy).
Now I know it has to be DCC2, since it's running on Windows 7 but if I enter this in hashcat I get:
"Signature unmatched".
If I try to crack it with DCC I have to change the hash into 'hash:user'. It may run this way, but it does not find any PW. Since I know the password and entered it into my wordlist, it should find it if it was DCC.
So can anyone tell me what I'm doing wrong and maybe help me in identifying the hash type?
Thanks in advance!
The output looked like this: user:hash:domain:proxy (at least I'm pretty sure it's the proxy).
Now I know it has to be DCC2, since it's running on Windows 7 but if I enter this in hashcat I get:
"Signature unmatched".
If I try to crack it with DCC I have to change the hash into 'hash:user'. It may run this way, but it does not find any PW. Since I know the password and entered it into my wordlist, it should find it if it was DCC.
So can anyone tell me what I'm doing wrong and maybe help me in identifying the hash type?
Thanks in advance!