maybe you just didn't understand the posts.
depending on the output you get from your capture tool/dump (i.e. if it is NetNTLMv1 / NetNTLMv1+ESS or NetNTLMv2), you need to use -m 5500 or -m 5600.
The perl command from https://hashcat.net/forum/thread-2563-po...l#pid15255 can be used to convert the output of your capture tool if needed (if it uses the jtr format with $NETNTLM$).
of course you cannot just randomly modify the example hash and think it is still crackable with different data. If you change a hash, you probably make it uncrackable.
the missing part in your hash is the domain. Do you know the doman of the target ?
both -m 5500 and -m 5600 use the domain within the algorithm, it could be blank (empty string) as far as I know, but if the domain is used by the devices, you need to use it too.
The format for -m 5500 is for instance very simple, just $user::$domain:$client_challenge:$response:$server_challenge
depending on the output you get from your capture tool/dump (i.e. if it is NetNTLMv1 / NetNTLMv1+ESS or NetNTLMv2), you need to use -m 5500 or -m 5600.
The perl command from https://hashcat.net/forum/thread-2563-po...l#pid15255 can be used to convert the output of your capture tool if needed (if it uses the jtr format with $NETNTLM$).
of course you cannot just randomly modify the example hash and think it is still crackable with different data. If you change a hash, you probably make it uncrackable.
the missing part in your hash is the domain. Do you know the doman of the target ?
both -m 5500 and -m 5600 use the domain within the algorithm, it could be blank (empty string) as far as I know, but if the domain is used by the devices, you need to use it too.
The format for -m 5500 is for instance very simple, just $user::$domain:$client_challenge:$response:$server_challenge