10-10-2016, 04:54 PM
I think you just forgot to mix in the SSP. You can do that like this:
1. Generate SSP by appending the ESS e81d062fe3f8fb9f to the challenge 7ab2b26a22061831 and calculate the md5 of it
2. Replace the first 8 byte of the md5 with the challenge:
3. Decode it with deskey_to_ntlm.pl from hashcat-utils:
1. Generate SSP by appending the ESS e81d062fe3f8fb9f to the challenge 7ab2b26a22061831 and calculate the md5 of it
Code:
$ perl -e 'print pack ("H*", "7ab2b26a22061831e81d062fe3f8fb9f")' | md5sum
eb4135acbc385cc027829c6c5b2db652 -2. Replace the first 8 byte of the md5 with the challenge:
Code:
$ ./hashcat -m 14000 --potfile-disable --quiet -a 3 -1 charsets/DES_full.charset --hex-charset fd5717880e4b5e13:eb4135acbc385cc0 ?1?1000000000000
fd5717880e4b5e13:eb4135acbc385cc0:$HEX[0955000000000000]3. Decode it with deskey_to_ntlm.pl from hashcat-utils:
Code:
root@ht:~/hashcat# perl /root/hashcat-utils/src/deskey_to_ntlm.pl 0955000000000000
08a80000000000