11-13-2013, 07:02 PM
I am working with an NTLM hash that was extracted using Quarks PW dump from a domain controller. This is a case where someone locked the keys in the car and now we need to get in. By using a combination of the registry keys and the AD database, I was able to extract the hashes and put them in a text format. I was hoping to use hashcat to crack them, but I keep getting a line exception error when running against the hash.
Below is an example of the command running:
oclHashcat-plus64.exe --hash-type 1000 --attack-mode 3 user:0000:#D##########D####D#DD#D####DDD##:##D##D#DDD###D##D#D###D##D#DD##D:
I am using the hashcat gui for simplicity on a Windows system.
When running the program I am getting a line length exception on every line, when attempting to pull from the text file that was created.
Assistance would be appreciated.
Below is an example of the command running:
oclHashcat-plus64.exe --hash-type 1000 --attack-mode 3 user:0000:#D##########D####D#DD#D####DDD##:##D##D#DDD###D##D#D###D##D#DD##D:
I am using the hashcat gui for simplicity on a Windows system.
When running the program I am getting a line length exception on every line, when attempting to pull from the text file that was created.
Assistance would be appreciated.