11-19-2018, 06:45 PM
everything is from my lab domain, where i test things.
This is the wireshark capture:
GET / HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, */*
Accept-Language: de-DE
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
If-Modified-Since: Mon, 19 Nov 2018 14:49:06 GMT
If-None-Match: "83216451780d41:0"
Host: 10.10.66.4
Connection: Keep-Alive
Authorization: Digest username="User1",realm="Digest",nonce="+Upgraded+v1d95f0252b2c97add7c3d19f0b23275be01fec8711880d4019975d3e5dd89fc7cd707d6f562d73635ad8a08c702778c3f9bdc20e7cc9d65d0",uri="/",cnonce="+Upgraded+v174d4365dd37172c6f972d3719175bd4cc5d776b973f0cf6060b43e1c3dfefa0c",nc=00000001,algorithm=MD5-sess,response="95e42ef615f178300e863c767724cc0c",qop="auth",charset=utf-8,hashed-dirs="service-name,channel-binding",service-name="HTTP/10.10.66.4",channel-binding="00000000000000000000000000000000"
The password for the user is "P@ssw0rd"
the file i constructed for hashcat is as follows:
$sip$***User1*Digest*GET**/**+Upgraded+v1d95f0252b2c97add7c3d19f0b23275be01fec8711880d4019975d3e5dd89fc7cd707d6f562d73635ad8a08c702778c3f9bdc20e7cc9d65d0*+Upgraded+v174d4365dd37172c6f972d3719175bd4cc5d776b973f0cf6060b43e1c3dfefa0c*00000001*auth*MD5*95e42ef615f178300e863c767724cc0c
is "hashed directives" the missing piece to my puzzle? or what is wrong?
This is the wireshark capture:
GET / HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, */*
Accept-Language: de-DE
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
If-Modified-Since: Mon, 19 Nov 2018 14:49:06 GMT
If-None-Match: "83216451780d41:0"
Host: 10.10.66.4
Connection: Keep-Alive
Authorization: Digest username="User1",realm="Digest",nonce="+Upgraded+v1d95f0252b2c97add7c3d19f0b23275be01fec8711880d4019975d3e5dd89fc7cd707d6f562d73635ad8a08c702778c3f9bdc20e7cc9d65d0",uri="/",cnonce="+Upgraded+v174d4365dd37172c6f972d3719175bd4cc5d776b973f0cf6060b43e1c3dfefa0c",nc=00000001,algorithm=MD5-sess,response="95e42ef615f178300e863c767724cc0c",qop="auth",charset=utf-8,hashed-dirs="service-name,channel-binding",service-name="HTTP/10.10.66.4",channel-binding="00000000000000000000000000000000"
The password for the user is "P@ssw0rd"
the file i constructed for hashcat is as follows:
$sip$***User1*Digest*GET**/**+Upgraded+v1d95f0252b2c97add7c3d19f0b23275be01fec8711880d4019975d3e5dd89fc7cd707d6f562d73635ad8a08c702778c3f9bdc20e7cc9d65d0*+Upgraded+v174d4365dd37172c6f972d3719175bd4cc5d776b973f0cf6060b43e1c3dfefa0c*00000001*auth*MD5*95e42ef615f178300e863c767724cc0c
is "hashed directives" the missing piece to my puzzle? or what is wrong?