09-19-2024, 11:48 AM
just guessing, the last rule is
Code:
T0T1T2T3T4T5T6T7T8T9TATBTCTD
Therefore the maximum length affected is 14 (zero to 13). That would be the maximum LM password, BUT NTLM can be longer; LM passwords are just stripped to the length of 14.
For example, the NTLM pw is "ThisIsMyPassword", LM would be "THISISMYPASSWO". The result after cracking the LM hash with hashcat would be two outputs for the hash: "THISISM" and "YPASSWO".
BUT as mentioned, this doesn't need to be the full password for NTLM; this only works when the password is shorter or even 14. You need to put these two parts together, use the rules to toggle, output these into a new file and run a hybrid attack with an appended mask to be able to crack the last 2 (in this case) letters.
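
Added example, not part of the original post and not hashcat's own code: a small Python reader for the toggle rule quoted above, showing which character positions it covers and which positions of a longer password it never touches. The function names are hypothetical; the only assumption about hashcat is its single-character position encoding (0-9, then A-Z for 10-35).

```python
import string

# hashcat writes a rule position as one character: 0-9, then A-Z for 10-35
POSITIONS = string.digits + string.ascii_uppercase

# The rule quoted in the post
RULE = "T0T1T2T3T4T5T6T7T8T9TATBTCTD"


def parse_toggle_rule(rule):
    """Return the positions toggled by a rule made only of TN functions."""
    positions = []
    i = 0
    while i < len(rule):
        if rule[i] == " ":          # functions may be separated by spaces
            i += 1
            continue
        if rule[i] != "T" or i + 1 >= len(rule):
            raise ValueError(f"unsupported rule text at offset {i}: {rule[i:]!r}")
        pos = POSITIONS.find(rule[i + 1])
        if pos < 0:
            raise ValueError(f"bad position character {rule[i + 1]!r}")
        positions.append(pos)
        i += 2
    return positions


def apply_toggles(word, positions):
    """Toggle the case of word at each position; in this example,
    positions past the end of the word are ignored."""
    chars = list(word)
    for p in positions:
        if p < len(chars):
            chars[p] = chars[p].swapcase()
    return "".join(chars)


def uncovered(word, positions):
    """Indexes of word that the rule never reaches."""
    covered = set(positions)
    return [i for i in range(len(word)) if i not in covered]


if __name__ == "__main__":
    pos = parse_toggle_rule(RULE)
    print(pos)                                    # positions 0 through 13
    print(apply_toggles("THISISMYPASSWO", pos))   # every one of the 14 characters toggled
    print(uncovered("ThisIsMyPassword", pos))     # the two trailing positions
```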