10-11-2021, 06:32 PM
NTLM is a really, really fast hash.
If you just use rockyou.txt (I think it has 14 million passwords), even with an old graphics card hashcat will test these passwords in seconds (in fact, the whole process of starting hashcat and pushing the candidates to the GPU will take longer).
You can use rules to modify the passwords and thereby provide more password candidates (see /rules).
Because NTLM is such a fast hash, try brute-forcing it.
Just a fast lookup with a test pw:
?a 1 to 6: under a minute
?a 7: an hour max
More common masks of length 7-8, like
?l?d,?l?u?d,?a?2?1?1?1?1?a
?l?d,?l?u?d,?a?2?1?1?1?1?1?a
also minutes
Or google it: there are some sites on the internet which have really huge precomputed rainbow tables for NTLM hashes, where you can "look up" these and check whether they are known or not.
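To put the timings above into numbers for password-length policy, this added example (not part of the original post, and not hashcat code) computes how many candidates each quoted mask covers and how long that takes at a given rate. It assumes the two long lines are in .hcmask form (charset 1, charset 2, then the mask); `ASSUMED_RATE` and all function names are constructed for illustration.

```python
from math import prod

# Sizes of hashcat's built-in charsets.
BUILTIN = {"l": 26, "u": 26, "d": 10, "h": 16, "H": 16, "s": 33, "a": 95, "b": 256}
ASSUMED_RATE = 20e9  # hashes/second; constructed figure, not a benchmark

def token_sizes(spec, custom):
    """Size of each token in a mask or charset string ('?x' pairs or literals)."""
    sizes, i = [], 0
    while i < len(spec):
        if spec[i] == "?" and i + 1 < len(spec):
            key = spec[i + 1]
            if key == "?":                 # '??' is a literal question mark
                sizes.append(1)
            elif key in BUILTIN:
                sizes.append(BUILTIN[key])
            else:
                sizes.append(custom[key])  # KeyError: charset was never defined
            i += 2
        else:                              # any other character is a literal
            sizes.append(1)
            i += 1
    return sizes

def keyspace(hcmask_line):
    """Candidates for one '[charset1,charset2,...,]mask' line (no escaped commas)."""
    *defs, mask = hcmask_line.split(",")
    custom = {}
    for n, spec in enumerate(defs, start=1):
        # A charset is the union of its pieces; assumes they do not overlap.
        custom[str(n)] = sum(token_sizes(spec, custom))
    return prod(token_sizes(mask, custom))

def increment_keyspace(mask, shortest, longest):
    """Total candidates when every length from shortest to longest is tried."""
    sizes = token_sizes(mask, {})
    return sum(prod(sizes[:n]) for n in range(shortest, longest + 1))

def worst_case_seconds(candidates, rate=ASSUMED_RATE):
    return candidates / rate

if __name__ == "__main__":
    lines = ["?a?a?a?a?a?a?a",
             "?l?d,?l?u?d,?a?2?1?1?1?1?a",
             "?l?d,?l?u?d,?a?2?1?1?1?1?1?a",
             "?a?a?a?a?a?a?a?a?a?a?a?a"]  # 12 characters, for comparison
    print("?a x1..6", worst_case_seconds(increment_keyspace("?a" * 6, 1, 6)))
    for line in lines:
        n = keyspace(line)
        print(f"{line:32} {n:.3e} candidates, {worst_case_seconds(n) / 3600:.3g} h")
```

Each extra `?a` position multiplies the work by 95, which is why the 12-character line is out of reach at the same assumed rate while everything up to 7 or 8 characters is not.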