10-30-2021, 05:28 AM
(10-29-2021, 05:00 PM)philsmd Wrote: how are these hashes generated ?
the algorithm details say, that the password always needs to be converted to upper-case (hashcat does this internally, like all the other correct generators).
also see https://en.wikipedia.org/wiki/LAN_Manage..._algorithm
maybe you testing is wrong and you are generating them incorrectly ? otherwise you probably wouldn't ask for a-z characters (if the hash algorithm says that everything needs to be upper-cased internally).
I think this is a misconception/misunderstanding
The hashes I tested are dumped from my computer by mimikatz after I changed my password, so they do really exist
The case conversion happens only if the character is a lowercase letter, but what my password contains are chinese characters, input by alt code and encoded in codepage 950(usually labelled as big5)
I think that's the reason why a 0x61~0x7A byte could be used as input when generating the hash