hashcat Forum Support hashcat v
Bruteforce Not Bruteforcing

Threaded Mode
Bruteforce Not Bruteforcing
neonmayer Offline
Junior Member
**
Posts: 1
Threads: 1
Joined: Jan 2024
#1
01-28-2024, 04:08 AM
Im trying to find the password to this ntlm hash that i know is a 6digit pin,  but hashcat does not test all numbers:

Session..........: hashcat                               
Status...........: Exhausted
Hash.Mode........: 1000 (NTLM)
Hash.Target......: xxxxxxxxxxxxxxxxxxxxxxxxxxxx
Time.Started.....: Sat Jan 27 22:58:37 2024 (0 secs)
Time.Estimated...: Sat Jan 27 22:58:37 2024 (0 secs)
Kernel.Feature...: Optimized Kernel
Guess.Mask.......: ?d?d?d?d?d?d [6]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 18307.8 kH/s (3.59ms) @ Accel:512 Loops:100 Thr:1 Vec:4
Recovered........: 0/1 (0.00%) Digests (total), 0/1 (0.00%) Digests (new)
Progress.........: 1000000/1000000 (100.00%)
Rejected.........: 0/1000000 (0.00%)
Restore.Point....: 10000/10000 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-100 Iteration:0-100
Candidate.Engine.: Device Generator
Candidates.#1....: 103129 -> 696999
Hardware.Mon.#1..: Temp: 64c Util: 66%

Started: Sat Jan 27 22:58:27 2024
Stopped: Sat Jan 27 22:58:39 2024

here is the """prompt""""
sudo hashcat -m 1000 hashes.txt -a 3 -O ?d?d?d?d?d?d
Find
Reply
b8vr Offline
Member
***
Posts: 106
Threads: 1
Joined: Apr 2022
#2
01-28-2024, 11:21 AM
(01-28-2024, 04:08 AM)neonmayer Wrote: Im trying to find the password to this ntlm hash that i know is a 6digit pin,  but hashcat does not test all numbers:

Session..........: hashcat                               
Status...........: Exhausted
Hash.Mode........: 1000 (NTLM)
Hash.Target......: xxxxxxxxxxxxxxxxxxxxxxxxxxxx
Time.Started.....: Sat Jan 27 22:58:37 2024 (0 secs)
Time.Estimated...: Sat Jan 27 22:58:37 2024 (0 secs)
Kernel.Feature...: Optimized Kernel
Guess.Mask.......: ?d?d?d?d?d?d [6]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 18307.8 kH/s (3.59ms) @ Accel:512 Loops:100 Thr:1 Vec:4
Recovered........: 0/1 (0.00%) Digests (total), 0/1 (0.00%) Digests (new)
Progress.........: 1000000/1000000 (100.00%)
Rejected.........: 0/1000000 (0.00%)
Restore.Point....: 10000/10000 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-100 Iteration:0-100
Candidate.Engine.: Device Generator
Candidates.#1....: 103129 -> 696999
Hardware.Mon.#1..: Temp: 64c Util: 66%

Started: Sat Jan 27 22:58:27 2024
Stopped: Sat Jan 27 22:58:39 2024

here is the """prompt""""
sudo hashcat -m 1000 hashes.txt -a 3 -O ?d?d?d?d?d?d

Are you absolutely sure that it is 6 digits and that you're not confusing it with Windows PIN? PIN is part of Windows HELLO, which is not NTLM.
Have a look at
https://github.com/Banaanhangwagen/WINHELLO2hashcat
Find
Reply
Snoopy Offline
Posting Freak
*****
Posts: 825
Threads: 15
Joined: Sep 2017
#3
01-29-2024, 06:06 PM
(01-28-2024, 04:08 AM)neonmayer Wrote: Progress.........: 1000000/1000000 (100.00%)

hashcat testet all numbers, but as b8vr mentioned, sounds more like a windows pin

you can try cracking the ntlm hash with dictionary attack or also bruteforce, but your speed seems very low (kilohashes instead of megahashes, ntlm is a fast hash), and then you have to switch the login option from pin to password when asked for login
Find
Reply