Kerberos v.5 hashing key
#1
Good day.

I have some troubles with Kerberos v.5 and Hashcat.
So, I`ve made two virtual machines, both of them are in Active Directory domen. So, machine 2 connects to machine 1 using KRB5 protocol. Machine 2 has it`s own User in domain, with it`s password. Is the password used like a key to make Kerberos v.5. hash?

I`m trying to crack KRB5 hash using hashcat. This hash was analyzed  by Wireshark when Machine 2 and Machine 1 were communicating. ThePassrod12 - is the User`s  password in Active Directory domain. 


hashcat32.exe -m 7500 -a 3 $krb5pa$23$user$realm$salt$f04d66123a5646c4422f917d234eb9191ddcd2f82241c8c47bac18a0a68f06f7699442a858fad4faa5cccb7e0c102f2889b922d7 ThePassword12


.png   HashcatWork.png (Size: 17.43 KB / Downloads: 4)

But when i try to crack this hash, Hashcat says that it`s not the password.


Please help me. What am i Doing wrong?
#2
pretty sure you need to set user/realm/salt appropriately
#3
(09-19-2018, 02:33 PM)undeath Wrote: pretty sure you need to set user/realm/salt appropriately

In my last thread you sent me https://github.com/magnumripper/JohnTheR...rb2john.py

in this file I`ve found this mark  in 113 string "user, realm and salt are unused when etype is 23 Wink

I`ve seen several same hashtests and these fields were not used

And if i`m not right, and these fields should be used, I don`t know what the salt is. Where to find the salt?