09-28-2016, 11:03 AM
thanks for the tip.
so far here is where i am:
since its a test i know one of the passwords so i have put it in my worldlist around line 2000
to verify if it will actually work.
i made 2 test files:
file1 is containing the hash as i had it already in this format:
user:hash:domain:domain-short:::
in file2 i used the test hash you gave me and exchanged username und hash with the known one from file1
$DCC2$10241#username#hash
my hash and your testhash have the same length
on my following tests with JTR and hashcat i used format mscash2 on all tests
JTR and file1: process is starting and after a moment its succesfully showing me the password
JTR and file2: process is starting but no password is found
hashcat and file1: process is starting but no password is found
hashcat and file2: same error as in 1st post for sure
seems like hashcat and JTR have a different understanding of the format mscash2??
so the question is how can i dump DCC in the format hashcat needs?
i dumped the hashes i use now with the secretdump.py from here https://github.com/CoreSecurity/impacket
then i also tried the cachedump in The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) linux
http://tools.The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali).org/password-attacks/creddump
but there i get an error which seems to be a known bug
https://github.com/moyix/creddump/issues/5
so how can i dump the DCC in the format needed by hashcat?
thanks so much in advance already
so far here is where i am:
since its a test i know one of the passwords so i have put it in my worldlist around line 2000
to verify if it will actually work.
i made 2 test files:
file1 is containing the hash as i had it already in this format:
user:hash:domain:domain-short:::
in file2 i used the test hash you gave me and exchanged username und hash with the known one from file1
$DCC2$10241#username#hash
my hash and your testhash have the same length
on my following tests with JTR and hashcat i used format mscash2 on all tests
JTR and file1: process is starting and after a moment its succesfully showing me the password
JTR and file2: process is starting but no password is found
hashcat and file1: process is starting but no password is found
hashcat and file2: same error as in 1st post for sure
seems like hashcat and JTR have a different understanding of the format mscash2??
so the question is how can i dump DCC in the format hashcat needs?
i dumped the hashes i use now with the secretdump.py from here https://github.com/CoreSecurity/impacket
then i also tried the cachedump in The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) linux
http://tools.The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali).org/password-attacks/creddump
but there i get an error which seems to be a known bug
https://github.com/moyix/creddump/issues/5
so how can i dump the DCC in the format needed by hashcat?
thanks so much in advance already