Launching an attack NTLM
#1
So I am trying to crack the password on my laptop for practice. I have been reading all through the wiki and forum posts and am stuck getting my initial command right.
I enter:

oclhashcat64.exe -m 1000 -a 3 -o C:\output.txt ?a?a?a?a?a -i max=10 Localhashes.txt

I get a warning on the ?a?a?a?a line length exception and an error no hashes loaded.

I am using the NTLM format from the wiki:

1000 NTLM b4b9b02e6f09a9bd760f388b67351e2b

It's probably something stupid I am overlooking or some syntax that's not making sense to me. Help is appreciated.
#2
Syntax is wrong. The proper way to format the above command would be:

Code:
oclHashcat64 -m 1000 -a 3 -i -o C:\output.txt Localhashes.txt ?a?a?a?a?a

Note that I have omitted "max=10" because 1. that is not a valid switch, and 2. your mask is only 5 chars in length so even if you did specify the correct flag, it would do nothing in this scenario.
#3
(01-29-2015, 11:24 PM)epixoip Wrote: Syntax is wrong. The proper way to format the above command would be:

Code:
oclHashcat64 -m 1000 -a 3 -i -o C:\output.txt Localhashes.txt ?a?a?a?a?a

Note that I have omitted "max=10" because 1. that is not a valid switch, and 2. your mask is only 5 chars in length so even if you did specify the correct flag, it would do nothing in this scenario.

Thanks for that, I was basing that flag off the link description of increment I found there. Thanks for the input!

How would I correctly use the min max for increment? Say I wanted to look at ?a for all 10-15 length char?
#4
The flag is actually --increment-max but it doesn't really have much use in the real world. In most all scenarios the maximum will simply be the length of your mask.

If you wanted to brute force ?a len10-15 then you'd use -i --increment-min 10 with a mask of ?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a

Note that you cannot actually brute force this keyspace. On your laptop you'll likely be able to brute force at most 7 chars.
#5
(01-30-2015, 12:03 AM)epixoip Wrote: The flag is actually --increment-max but it doesn't really have much use in the real world. In most all scenarios the maximum will simply be the length of your mask.

If you wanted to brute force ?a len10-15 then you'd use -i --increment-min 10 with a mask of ?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a

Note that you cannot actually brute force this keyspace. On your laptop you'll likely be able to brute force at most 7 chars.

You're right. :) I just got the flags working that way and 7/8 was something like 4 hours and 10 is >10 years... Guess to really get to enjoy it I will have to play with some word lists and see how that attack method works. I am looking to crack my own password and I use non-standard password formatting based on the rules I have seen and I am having issues figuring out how to go about that! I am sure I will be asking more questions as my skill set improves! I hope my future questions will be less trivial :)
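
The keyspace arithmetic behind posts #4 and #5, as an added example that is not part of the original thread: it counts the candidates a mask produces at each length tried in increment mode and converts that into time to exhaust. The function names and the hash rate are assumptions made for illustration; the charset sizes are those of hashcat's built-in ?l ?u ?d ?s ?a ?h ?H ?b, and custom charsets (?1 to ?4) are not handled.

```python
# Sizes of hashcat's built-in mask charsets (?a = ?l + ?u + ?d + ?s).
CHARSET_SIZES = {"l": 26, "u": 26, "d": 10, "s": 33, "a": 95,
                 "h": 16, "H": 16, "b": 256}

def parse_mask(mask):
    """Return the number of possible characters at each mask position."""
    sizes, i = [], 0
    while i < len(mask):
        if mask[i] == "?":
            if i + 1 >= len(mask):
                raise ValueError("dangling '?' at end of mask")
            key = mask[i + 1]
            if key == "?":
                sizes.append(1)          # "??" is a literal question mark
            elif key in CHARSET_SIZES:
                sizes.append(CHARSET_SIZES[key])
            else:
                raise ValueError(f"unsupported charset ?{key}")
            i += 2
        else:
            sizes.append(1)              # literal character
            i += 1
    return sizes

def increment_keyspace(mask, inc_min=1, inc_max=None):
    """Map each length tried in increment mode to its candidate count."""
    sizes = parse_mask(mask)
    # A maximum longer than the mask changes nothing (the point made in post #2).
    inc_max = len(sizes) if inc_max is None else min(inc_max, len(sizes))
    result = {}
    for length in range(inc_min, inc_max + 1):
        count = 1
        for size in sizes[:length]:
            count *= size
        result[length] = count
    return result

def years_to_exhaust(candidates, rate_per_second):
    """Worst-case years needed to try every candidate at a fixed rate."""
    return candidates / rate_per_second / (365.25 * 24 * 3600)

if __name__ == "__main__":
    ASSUMED_RATE = 1e9  # hypothetical hashes/second; substitute a measured rate
    for mask, lo in (("?a" * 5, 1), ("?a" * 15, 10)):
        for length, n in increment_keyspace(mask, lo).items():
            print(f"len {length:2d}: {n:.3e} candidates, "
                  f"{years_to_exhaust(n, ASSUMED_RATE):.3e} years")
```

Each extra ?a position multiplies the work by 95, which is why a length that finishes in hours sits only a few characters below one that takes years.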