Reversing MSCHAPv2 to NTLM
#9
I'm trying to replicate this with some NetNTLMv1 hashes I captured during a pentest. I used moxie's chapcrack to generate the base64 encoded string:

Code:
./chapcrack.py radius -C 7cf8afb4c3b35bae 0af0ffddd599edc72768f484b67513440fe9145
Cracking K3....
                    C1 = 236696db60af0ffd
                    C2 = dd599edc72768f48
                    C3 = 4b67513440fe9145
                     P = 7cf8afb4c3b35bae
                    K3 = 0ab50000000000
CloudCracker Submission = $99$fPivtMOzW64jZpbbYK8P/d1Zntxydo9ICrU=

I then used the evilmog's script to generate the hashes for hashcat to crack:

Code:
root@The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali):~# ./mschap.sh fPivtMOzW64jZpbbYK8P/d1Zntxydo9ICrU=
root@The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali):~# cat hashes.txt
236696db60af0ffd:7cf8afb4c3b35bae
dd599edc72768f487cf8afb4c3b35bae
root@The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali):~#

Finally, I pointed hashcat at the hashes and got a parsing error:

Code:
./hashcat -m 14000 hashes.txt -o cracked.txt -a 3 -w 4 -a charsets/DES_full.charset --hex-charset ?1?1?1?1?1?1?1?1
hashcat () starting...

OpenCL Platform #1: Apple
=========================
* Device #1: Intel(R) Core(TM) i7-4870HQ CPU @ 2.50GHz, skipped
* Device #2: Iris Pro, 384/1536 MB allocatable, 40MCU
* Device #3: AMD Radeon R9 M370X Compute Engine, 512/2048 MB allocatable, 10MCU

Hashfile 'hashes.txt' on line 1 (236696db60af0ffd:7cf8afb4c3b35bae): Salt-length exception
Hashfile 'hashes.txt' on line 2 (dd599edc72768f487cf8afb4c3b35bae): Line-length exception
Parsing Hashes: 0/2 (0.00%)...No hashes loaded

Started: Tue Nov  1 10:17:06 2016
Stopped: Tue Nov  1 10:17:06 2016

What am I missing?


Messages In This Thread
Reversing MSCHAPv2 to NTLM - by evilmog - 10-01-2016, 03:46 AM
RE: Reversing MSCHAPv2 to NTLM - by epixoip - 10-01-2016, 06:38 AM
RE: Reversing MSCHAPv2 to NTLM - by soldo - 10-01-2016, 04:05 PM
RE: Reversing MSCHAPv2 to NTLM - by evilmog - 10-01-2016, 09:19 PM
RE: Reversing MSCHAPv2 to NTLM - by bcxbm - 10-05-2016, 09:52 AM
RE: Reversing MSCHAPv2 to NTLM - by atom - 10-05-2016, 02:24 PM
RE: Reversing MSCHAPv2 to NTLM - by bcxbm - 10-06-2016, 02:54 AM
RE: Reversing MSCHAPv2 to NTLM - by atom - 10-06-2016, 06:03 PM
RE: Reversing MSCHAPv2 to NTLM - by fuzztester - 11-01-2016, 04:21 PM
RE: Reversing MSCHAPv2 to NTLM - by atom - 11-03-2016, 12:05 AM
RE: Reversing MSCHAPv2 to NTLM - by evilmog - 11-03-2016, 11:24 PM
RE: Reversing MSCHAPv2 to NTLM - by sneaky_peet - 03-06-2017, 07:28 PM
RE: Reversing MSCHAPv2 to NTLM - by atom - 03-07-2017, 10:00 AM
RE: Reversing MSCHAPv2 to NTLM - by evilmog - 04-25-2018, 01:10 AM
RE: Reversing MSCHAPv2 to NTLM - by evilmog - 04-30-2018, 08:07 PM
RE: Reversing MSCHAPv2 to NTLM - by ktinoulas - 05-07-2018, 03:15 PM
RE: Reversing MSCHAPv2 to NTLM - by undeath - 05-07-2018, 05:13 PM
RE: Reversing MSCHAPv2 to NTLM - by ktinoulas - 05-14-2018, 10:18 AM
RE: Reversing MSCHAPv2 to NTLM - by royce - 05-12-2018, 07:18 PM