Windows 10 Hash seems to be wrong
#1
I don't know if it's the right place to ask but,
I've tried diffrent SAM dumpers and i never succeded to crack my windows password (even though it's only numbers)
Here is the command i'm using :
Code:
hashcat.exe -m 1000 -a 3 -w 3 -O --outfile result.txt hashes.txt.sam --increment ?d?d?d?d?d?d?d
I hope someone will be able to help me
Have a good day
Reply
#2
(11-24-2021, 10:05 PM)Moreo Wrote: I don't know if it's the right place to ask but,
I've tried diffrent SAM dumpers and i never succeded to crack my windows password (even though it's only numbers)
Here is the command i'm using :
Code:
hashcat.exe -m 1000 -a 3 -w 3 -O --outfile result.txt hashes.txt.sam --increment ?d?d?d?d?d?d?d
I hope someone will be able to help me
Have a good day

Are you sure you have the right hash in your hashes.txt.sam?
The format of pwdump is the following:

somewindowsuser:500:AAD3B435B51404EEAAD3B435B51404EE:4X8XDX5X8X7XXXXXXXXXCXDX0X4XBX27
             ^             ^                            ^                                                         ^
       Username      RID                    LM Hash                                              NT Hash

You have to put only the NT Hash into your hashes.txt.sam. In this case, it would be 4X8XDX5X8X7XXXXXXXXXCXDX0X4XBX27
You will see the same LM Hash as I posted here, as it represents an empty LM Hash. That's because Windows 10 doesn't support LM anymore (unless you enable it again. Idk if that's possible).
Your NT Hash should be different tho.

You don't even need the --increment option, as you know the length of the password. Just use the right amounts of ?d and it'll be fine.
Reply
#3
Even with only the NT Hash, it still tells me 0/1 recovered, I don't know if the problem comes from my hashes or if my hashcat has a problem
Reply
#4
(11-24-2021, 10:57 PM)Moreo Wrote: Even with only the NT Hash, it still tells me 0/1 recovered, I don't know if the problem comes from my hashes or if my hashcat has a problem

Hm, okay. Let's try it with a dictionary attack. Try this hash: 8846F7EAEE8FB117AD06BDD830B7586C
This is the NT(LM) Hash of the string "password". Try it with rockyou.txt

./hashcat -a 0 -m 1000 '8846F7EAEE8FB117AD06BDD830B7586C' rockyou.txt

If this works, try to put in your password of the hash you want to crack into the rockyou.txt and try to crack your hash again.
Reply
#5
It can find the password hash but it can't found my password, even though it's in rockyou.txt. I think the problem really comes from hash, but I don't know how to get it properly
Reply
#6
(11-25-2021, 08:04 PM)Moreo Wrote: It can find the password hash but it can't found my password, even though it's in rockyou.txt. I think the problem really comes from hash, but I don't know how to get it properly

Are you 100% sure you have the correct plaintext in the wordlist? Otherwise it doesn't make sense to me.
Remember, it's NOT the hash of your windows hello pin (if you have configured that), but the hash of the password of your (microsoft/local) account
Reply
#7
Well, i think it's the right hash, i get it from a file that is exactly username:id:emptyhash:thehashi'msearching
and, i put the pin i use to log in my windows every time i launch it
Reply
#8
(11-25-2021, 09:15 PM)Moreo Wrote: Well, i think it's the right hash, i get it from a file that is exactly username:id:emptyhash:thehashi'msearching
and, i put the pin i use to log in my windows every time i launch it

As stated above, the hash you try to crack is not the hash of the PIN but the hash of the PASSWORD.
Reply
#9
Oh, okay, so i've tried my MS account password, but still not working
Reply
#10
(11-25-2021, 10:40 PM)Moreo Wrote: Oh, okay, so i've tried my MS account password, but still not working

Pff idk man. It seems to be cracking fine, as you were able to crack the example hash. You must be trying the wrong password or the wrong hash. Either of those.
Posting hashes is not allowed, so I don't really know how to help you anymore.
Reply