Posts: 16
Threads: 5
Joined: Jul 2012
Hello everyone!
I have been experimenting with using freeradius-wpe to collect credentials from WPA enterprise wireless set ups.
the patched radius server is giving me the hashes in the following format:
Code:
mschap: Mon Aug 26 21:17:42 2013
username: bob
challenge: a4:15:00:1c:d5:90:0a:32
response: 63:2e:80:34:15:16:2e:36:65:22:63:79:9f:8e:8a:1c:05:a6:bc:4d:0e:cf:5d:72
john NETNTLM: bob:$NETNTLM$a415001cd5900a32$632e803415162e36652263799f8e8a1c05a6bc4d0ecf5d72
I've tried to convert this into a hashcat friendly format but I'm not getting it to work.
Can anyone point me in the right direction? I'd love to use my GPU on these!
Posts: 4
Threads: 0
Joined: Sep 2012
08-28-2013, 04:15 PM
(This post was last modified: 08-28-2013, 04:16 PM by rajak.)
(08-28-2013, 03:59 PM)fuzztester Wrote: bob:$NETNTLM$a415001cd5900a32$632e803415162e36652263799f8e8a1c05a6bc4d0ecf5d72
I was just looking at this myself this morning. The hash just needs some flipping around:
perl -ne '/(.*?):\$.*?\$(.*?)\$(.*)/; print "$1::::$3:$2\n";'
I haven't tested this with users specified like DOMAIN\user yet. I'm not sure if the domain needs to be moved to the 3rd field or not but it works on the above test case.
Posts: 16
Threads: 5
Joined: Jul 2012
(08-28-2013, 04:15 PM)rajak Wrote: (08-28-2013, 03:59 PM)fuzztester Wrote: bob:$NETNTLM$a415001cd5900a32$632e803415162e36652263799f8e8a1c05a6bc4d0ecf5d72
I was just looking at this myself this morning. The hash just needs some flipping around:
perl -ne '/(.*?):\$.*?\$(.*?)\$(.*)/; print "$1::::$3:$2\n";'
I haven't tested this with users specified like DOMAIN\user yet. I'm not sure if the domain needs to be moved to the 3rd field or not but it works on the above test case.
Thank you! I was overlooking the obvious! Works like a champ!
Posts: 5,185
Threads: 230
Joined: Apr 2010
08-29-2013, 09:25 AM
(This post was last modified: 08-29-2013, 09:25 AM by atom.)
cool stuff, moved to user contributions
Posts: 7
Threads: 2
Joined: May 2017
Can someone explaine a bit more what thist line does ?
perl -ne '/(.*?):\$.*?\$(.*?)\$(.*)/; print "$1::::$3:$2\n";'
if i have a txt file named crack.txt with only bob:$NETNTLM$a415001cd5900a32$632e803415162e36652263799f8e8a1c05a6bc4d0ecf5d72
how should i use it with the perl command ?
Posts: 2
Threads: 1
Joined: Nov 2017
11-23-2017, 01:26 AM
(This post was last modified: 11-23-2017, 09:58 AM by philsmd.)
(08-29-2013, 09:25 AM)atom Wrote: cool stuff, moved to user contributions
Can you please let me know how to pass my MSCHAPv2 hash through the perl command below? Thanks a lot.
perl -ne '/(.*?):\$.*?\$(.*?)\$(.*)/; print "$1::::$3:$2\n";'
The hash captured is below:
username: marcelo
challenge: a1:xx:xx:b5:6a:xx:xx:cb
response: aa:32:4x:xx:x0:ce:25:d9:7x:xx:x1:d9:6a:f5:80:14:ex:xx:xf:01:6f:xx:xx:8f
jtr NETNTLM: marcelo:$NETNTLM$a1xxxxb56axxxxcb$aa324xxxx0ce25d97xxxx1d96af58014exxxxf016fxxxx8f mschapv2: Tue Nov 21 14:49:16 2017
edited by philsmd:
stop posting hashes it's against the forum rules
