12-19-2022, 02:53 PM
Hi!
I'm experimentig with some old SMB test captures. I have LANMAN (LM) and NTLM hashes too, with challenge. Back in time, Cain can attack LANMAN hashes, and then attack the NTLM using the known UPPERCASE pass.
How can I do it with Hashcat?
I can use -m 5500, (NetNTLMv1 / NetNTLMv1+ESS) but just for the NTLM part. How can Hashcat recover the LM part (7 UPPER chars+1...7 UPPER chars) ?
Sample capture:
I also tried other modes, like -m 3000, but no luck. Formating the capture to a Hashcat compatible way was a task too.
By the way, John can perform this attack out of the box....
Thankyou!
I'm experimentig with some old SMB test captures. I have LANMAN (LM) and NTLM hashes too, with challenge. Back in time, Cain can attack LANMAN hashes, and then attack the NTLM using the known UPPERCASE pass.
How can I do it with Hashcat?
I can use -m 5500, (NetNTLMv1 / NetNTLMv1+ESS) but just for the NTLM part. How can Hashcat recover the LM part (7 UPPER chars+1...7 UPPER chars) ?
Sample capture:
Code:
::USER:0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF:0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF:0123456789ABCDEFI also tried other modes, like -m 3000, but no luck. Formating the capture to a Hashcat compatible way was a task too.
By the way, John can perform this attack out of the box....
Thankyou!