NetNTLMv1 Token length exception
#1
Hey Everyone,
i ran Responder on one of my clients and got this hash "USERNAME:Big GrinOMAIN:000000000000000000000000000000000000000000000000:41683BB1FAAB0F77DFA7711AC42802BB01010000000000006215AEA5EB9CD801DD8FFB5616467BD20000000002000A0073006D006201310032000100140053004500520056004500520032003000300038000400160073006D006200310032002E006F006F00630061006C0003002C0053004500520056004500520032003000300038002E0073006D001100310032002E006C006F00631161006C000500160073006D006200310032002E006C006F00630061006C000800300030000000000000000000000000300010A1296B1FE31B1C82AA9451270AE5D6D4E73FB185F51F39C12F06AB619A0D33E70A0010000000000000000000000000000000000009001E006C006400610070002F004E0054002E006900730073002E00620069007A000000000000000000:1122334455667788"
with an output file called "LDAP-NTLMv1-IPADDRESS"


I'm using latest Hashcat but for some reason all netntlm modes (5500,27000) fail due to token length exception, i even tried netntlmv2 but those fail as well. there were many netntlmv2 hashes, which ran successfully on their mode and were also cracked.

what am i missing here? can anyone help?
Reply