03-28-2016, 01:17 PM
Hello.
I used this very good tool for testing security threads on solutions for our customer. About week later i try do penetration test for MS VPN (NetNTLMv2).
I setup scenario with "MIDM" and catch challenge and response for autentification with Wireshark. Now, real challenge start with right assemble this information to format acceptable by Hashcat
.
I not realize this before, it seems, that i am do something wrong, but i am not able find this mistake.
So. situation is below:
I run script "crack_vpn.sh" (for easy edit and place comments for my colleagues)
test_enc.txt (maybe in this format i do mistake, for security reason i not place some information)
I am not sure with 1122334455667788. How can i check it from Wireshark?
Hashcat result:
My colleague do connect and i am sure, that he set his password for only 6 digit (1 milion possibilities). Hashcat accept format of this input file, but not calculate password.
Hash should be OK, i try do this capture in our customer and hashes looks similar.
Many thanks for any effort.
I used this very good tool for testing security threads on solutions for our customer. About week later i try do penetration test for MS VPN (NetNTLMv2).
I setup scenario with "MIDM" and catch challenge and response for autentification with Wireshark. Now, real challenge start with right assemble this information to format acceptable by Hashcat
.I not realize this before, it seems, that i am do something wrong, but i am not able find this mistake.
So. situation is below:
I run script "crack_vpn.sh" (for easy edit and place comments for my colleagues)
Code:
./hashcat-cli64.bin -a 3 -m 5600 /home/shared/hashcat/INPUT/test_enc.txt ?d?d?d?d?d?d -o /home/shared/hashcat/OUTPUT/test_dec.txttest_enc.txt (maybe in this format i do mistake, for security reason i not place some information)
Code:
<user_name>:<domain>:<name_of_user's_pc>:1122334455667788:2ad388f256aae4a7fa63132247f3c111:cc1d54076bd8346bb46fc7bbf546902700000000000000004647457df074a6c266586afac7eeba645ffe4037ce38205a00I am not sure with 1122334455667788. How can i check it from Wireshark?
Hashcat result:
Code:
XXX@LinuxUbuntu hashcat$ ./crack_vpn.sh
Initializing hashcat v2.00 with 4 threads and 32mb segment-size...
Added hashes from file /home/shared/hashcat/INPUT/test_enc.txt: 1 (1 salts)
Activating quick-digest mode for single-hash with salt
[s]tatus [p]ause [r]esume [b]ypass [q]uit =>
Input.Mode: Mask (?d?d?d?d?d?d) [6]
Index.....: 0/1 (segment), 1000000 (words), 0 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: 3.40M plains, 3.40M words
Progress..: 1000000/1000000 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--
Started: Mon Mar 28 12:54:48 2016
Stopped: Mon Mar 28 12:54:49 2016My colleague do connect and i am sure, that he set his password for only 6 digit (1 milion possibilities). Hashcat accept format of this input file, but not calculate password
.Hash should be OK, i try do this capture in our customer and hashes looks similar.
Many thanks for any effort.