10-12-2023, 11:11 AM
Hello,
So I'll be working next week on cracking a few hundred NTLM hashes.
My setup will be as follows:
RTX 4070 GPU
Ryzen 7 7800X
I will be running hashcat from a The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) distribution installed on an external ssd connected via USB3 to my desktop. (So the whole OS is installed on the external drive). I have about 500go of disk space.
I don't have a lot of information about the passwords that I need to crack, no real info on possible format, the idea is to go blindly into it.
I have 1 week of available time (even though since I'm running this from my desktop, I'll be turning it off/on based on my needs. But I plan on running it 18h/day approximately.
The strategy I have in mind as of now is the following:
The question I have is when I run different attacks like this, will it keep track of password it tested, meaning that when I run my mask attacks, it won't test for password it has tried in the first 2 attack modes ?
Likewise when running successive masks using a hcmask file ?
And given my setup (external usb drive for the OS), can I expect some performance issue with wordlists ?
Aditionaly if you have any recommandations or advice, please let me know!
Thank you.
So I'll be working next week on cracking a few hundred NTLM hashes.
My setup will be as follows:
RTX 4070 GPU
Ryzen 7 7800X
I will be running hashcat from a The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) distribution installed on an external ssd connected via USB3 to my desktop. (So the whole OS is installed on the external drive). I have about 500go of disk space.
I don't have a lot of information about the passwords that I need to crack, no real info on possible format, the idea is to go blindly into it.
I have 1 week of available time (even though since I'm running this from my desktop, I'll be turning it off/on based on my needs. But I plan on running it 18h/day approximately.
The strategy I have in mind as of now is the following:
- Start with low hanging fruits (rockyou + rule)
- Increase wordlist size (100-200Go) + rules
- Mask attacks (from https://github.com/sean-t-smith/Extreme_Breach_Masks)
The question I have is when I run different attacks like this, will it keep track of password it tested, meaning that when I run my mask attacks, it won't test for password it has tried in the first 2 attack modes ?
Likewise when running successive masks using a hcmask file ?
And given my setup (external usb drive for the OS), can I expect some performance issue with wordlists ?
Aditionaly if you have any recommandations or advice, please let me know!
Thank you.