hybrid attack Netntlm too slow
#1
Hello Guys,
I am writing a thesis reviewing the security of Windows systems, starting with the LM hash.
To show the weakness of the LM algorithm I created a 14-char random password without numbers.
The first part I successfully obtained with the help of rainbow tables, and now I want to obtain the second part.
The netntlm.pl script, which uses John, is much too slow for this. It ran for 8 hours until I cancelled it.

So I first created a file with all upper/lower case possibilities (with echo {a,A}.. etc.)

The benchmark says that I have the power to calculate 11873 MH/s (AMD R9 390)

My calculation is that hashcat should be able to crack the remaining 7 chars in under an hour:
85 (?a minus the 10 numbers)^7 / 11873000000 H/s = time in seconds
85^7 / 11873000000 = 2700 s

passwordpossibilites.txt = all lower/uppercase possibilities of M%RFOFT

But when I start the hybrid attack
hashcat64.exe -m 5500 hash.txt -a 6 passwordpossibilites.txt ?a?a?a?a?a?a?a

the status says that it would take 26 years.

I then tried the example hash for NetLMv1 from the wiki. Pure brute-forcing is done in seconds, and when I try a hybrid attack it takes 189 days.

test.txt simply contains an 'h' (the first letter of 'hashcat')
hashcat64.exe -m 5500 hash.txt -a 6 test.txt ?a?a?a?a?a?a

What am I doing wrong? I'm confused. I also tried to create "more work", as the program suggests:

hashcat64.exe -a 6 test.txt ?a?a?a?a?a?a | hashcat64.exe -m 5500 hash.txt

but then the estimated time is always 0 sec.

I hope someone can help me here.

Greetings
Marsupilami
#2
You are doing something weird. Why are you using -a6 with a 7 char mask when you're trying to crack a LM hash? The plaintext cannot be longer than 7 chars. -a6 is only fast if your left side has enough candidates. Piping is the best solution. To check your speed just check if hashcat's speed matches your expectation.

(10-26-2018, 03:30 PM)Marsupilami Wrote: but then the estimated time is always 0 sec.

When piping candidates hashcat cannot calculate the estimated time.
#3
(10-26-2018, 03:35 PM)undeath Wrote: You are doing something weird. Why are you using -a6 with a 7 char mask when you're trying to crack a LM hash? The plaintext cannot be longer than 7 chars.

(10-26-2018, 03:30 PM)Marsupilami Wrote: but then the estimated time is always 0 sec.

When piping candidates hashcat cannot calculate the estimated time.

Ah ok, that's confusing, yes I see..

What I want to do:

The plaintext password (of course I know it) is M%rFofT!:W$u.M

The first part M%RFoFT I got with rainbow tables. Because of the design of the LM algorithm it's all uppercase:
M%RFOFT

Unfortunately hashcat doesn't support the old NetLM algorithm, so I have to crack the NetNTLM part of it, which is case sensitive.

So I created a text file with all possibilities as described above and want to brute force the remaining 7 chars ?a?a?a?a?a?a?a so that I get the 14-char NTLMv1 password.

hashcat -a 6 (hybrid attack dict+mask) possibilities.txt ?a?a?a?a?a?a?a -m 5500 (NetNTLMv1)

I expect something like this:
M%RFoFTsH!:KI%
#4
See my edit above, piping (as you were already doing) is the correct approach.
#5
Ok, my dictionary has 128 entries with all possibilities of that word. I think that's not enough, or?

"To check your speed just check if hashcat's speed matches your expectation."

Do you want to say that I just have to wait that hour to prove my expectation and use that piping?
hashcat64.exe -a 6 possibilities.txt ?a?a?a?a?a?a?a | hashcat64.exe -m 5500 hash.txt
#6
Hi again,
after 35 min hashcat has finished, but without success. It says "Exhausted".
It seems that it only uses the first entry, M%RFOFT, from the dictionary of 128 entries. How can I tell hashcat that it should use the remaining entries too?

Entries of possibilities.txt
M%RFOFT
m%RFOFT
M%RFOFT
M%rFOFT
M%RfOFT
M%RFoFT
M%RFOfT
M%RFOFt
m%RFOFT
m%rFOFT
m%RfOFT
m%RFoFT
m%RFOfT
m%RFOFt
M%rFOFT
M%RfOFT
M%RFoFT
M%RFOfT
M%RFOFt
M%rfOFT
M%rFoFT
M%rFOfT
M%rFOFt
M%RfoFT
M%RfOfT
M%RfOFt
M%RFofT
M%RFoFt
M%RFOft
m%rFOFT
....

I used the following command (modified for less keyspace, without numbers):

hashcat64.exe -a 6 possibilities.txt -1 ?l?u?s ?1?1?1?1?1?1?1 --stdout | hashcat64.exe -m 5500 hash.txt
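The keyspace arithmetic in post #1 and the case-variant dictionary in post #6, as an added Python example that is not part of the thread and is not hashcat's own code: it generates the case variants of an uppercase LM half, counts the -a 6 keyspace (left words multiplied by charset size to the power of the mask length), converts that to time at the quoted 11873 MH/s, and shows the concatenation step a hybrid attack performs. The charset sizes 95 for ?a and 85 for ?l?u?s are hashcat's built-in charsets as I know them, so treat them as an assumption; the rate and the word M%RFOFT come from the thread.

```python
from itertools import product

# Assumed sizes of hashcat's built-in charsets: ?a is all 95 printable ASCII
# characters; the custom charset -1 ?l?u?s drops the 10 digits, leaving 85.
CHARSET_SIZES = {"?a": 95, "?l?u?s": 85}


def case_variants(lm_half):
    """Return every case variant of an uppercase LM half, in product order.

    LM hashing uppercases the password first, so a cracked half such as
    M%RFOFT reveals the letters but not their case. Only letters vary; a
    symbol such as '%' has a single form, so M%RFOFT yields 2**6 = 64
    strings, all distinct, which is what the left-side dictionary of a
    hybrid attack needs to hold.
    """
    options = [(c.lower(), c.upper()) if c.isalpha() else (c,) for c in lm_half]
    return ["".join(combo) for combo in product(*options)]


def hybrid_keyspace(n_left_words, charset_size, mask_len):
    """Candidate count of -a 6: every left word times every mask string."""
    return n_left_words * charset_size ** mask_len


def estimated_seconds(keyspace, rate_hps):
    """Wall-clock estimate at a constant hash rate given in hashes per second."""
    return keyspace / rate_hps


def hybrid_candidates(left_words, alphabet, mask_len):
    """Yield left word + mask string, the order -a 6 --stdout walks them in.

    This is the join step: a dictionary on its own and a mask on its own are
    not 14-char candidates until each left word is concatenated with each
    right-hand string.
    """
    for left in left_words:
        for right in product(alphabet, repeat=mask_len):
            yield left + "".join(right)


if __name__ == "__main__":
    left = case_variants("M%RFOFT")        # the LM half from the thread
    rate = 11873e6                          # 11873 MH/s, the quoted benchmark
    size = CHARSET_SIZES["?l?u?s"]
    one_word = hybrid_keyspace(1, size, 7)
    print(len(left), "left-side variants")
    print("one left word:", one_word, "candidates,",
          round(estimated_seconds(one_word, rate) / 60), "minutes")
    all_words = hybrid_keyspace(len(left), size, 7)
    print("all variants:", all_words, "candidates,",
          round(estimated_seconds(all_words, rate) / 3600), "hours")
```

The arithmetic makes the weakness concrete: the LM half reduces a 14-char password to a 7-char half plus 64 case guesses, and each left word multiplies the 85^7 mask keyspace, so the 45 minutes for a single left word becomes roughly two days for the whole variant list at that rate.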
#7
It should have used all the possibilities. You can check that by examining the output of the first command on its own.
#8
Hi, unfortunately hashcat doesn't use all possibilities but only the first entry.
When I paste the correct first half in the first place it successfully gets the password. When the correct one is somewhere else hashcat says Exhausted. I confirmed this behavior with many passwords and I'm still confused.
Greetings

Edit:
Hi, I checked the first output and, as you expect, it creates all possibilities. However, the second part after the pipe only uses the first entry; without the pipe it is working.
hashcat64.exe -a 6 possibilities.txt -1 ?l?u?s ?1?1?1?1?1?1?1 --stdout => creates all possibilities
hashcat64.exe -a 6 possibilities.txt -1 ?l?u?s ?1?1?1?1?1?1?1 --stdout | hashcat64.exe -m 5500 hash.txt => only uses the first entry => Exhausted
hashcat64.exe -m 5500 hash.txt -a 6 possibilities.txt -1 ?l?u?s ?1?1?1?1?1?1?1 => works
#9
This sounds very strange and I'm pretty sure that it doesn't behave like you think it behaves.

How would the second process even know when the "second" word from possibilities.txt begins? It has no information about the words. The second command only runs everything it gets as input.

I think there are many ways to troubleshoot this, e.g. using a "cat" or "type" command as the first part of your pipe, instead of the stdout command.

You should also test with the newest beta version of hashcat from https://hashcat.net/beta just to make sure, and probably also test older versions from https://hashcat.net/hashcat

You should also look carefully at your status prompt (hashcat output). Maybe you have a lot of rejected password candidates (there is a line for that too)?
#10
(10-27-2018, 09:12 PM)philsmd Wrote: This sounds very strange and I'm pretty sure that it doesn't behave like you think it behaves.

How would the second process even know when the "second" word from possibilities.txt begins? It has no information about the words. The second command only runs everything it gets as input.

I think there are many ways to troubleshoot this, e.g. using a "cat" or "type" command as the first part of your pipe, instead of the stdout command.

You should also test with the newest beta version of hashcat from https://hashcat.net/beta just to make sure, and probably also test older versions from https://hashcat.net/hashcat

You should also look carefully at your status prompt (hashcat output). Maybe you have a lot of rejected password candidates (there is a line for that too)?

I think it has something to do with the stdout command. When I remove it and just pipe to cat I get the error "Token length exception". On the beta version I have the same behaviour. It's difficult for me to split the commands, because -a 6 (hybrid attack) expects a hash file, so I get the token length exception. But I want to start the cracking process in the second part after the pipe to create more work, and the first part of the pipe should just create the candidates.
I did try prince and maskprocessor, but unfortunately it doesn't work.
My thought was that the princeprocessor reads in the dictionary, the maskprocessor adds the remaining characters, and then hashcat uses the result as input for cracking.
pp64.exe possibilities.txt | mp64.exe ?a?a?a?a?a?a?a | cat
I would expect something like
M%RFOFtafDK!%A, but when I cat the result I just get the output of mp64.exe: tafDK!%A