hashcat
advanced password recovery

SailingTobi · 08-04-2019, 06:15 PM

Hi all,

I just performed a few Kerberoasting Attacks in a lab and extracted the following RC4-HMAC Hash:

Code:
$krb5tgs$23$*svc_sql$kirk.enterprises$MSSQLSvc/SECOPS-LAB1-ADC.kirk.enterprises:1433*$848EFFF61328D62539D58DF4D72BD175$53003E72E7942CB4EE184F12CDBA9716E5319B1B369339CE568A8EDA23C0AC9DA1E0DE3F73CB446749CBF3133387A982EF3D5DFC0420F88F8E3D12C91C29F587CC3C85E916B9118273D6D5A686256F4780D87FFB7271FA137EE6F18E6B7938C1740F6229E19D72C98C156CEEB4A42E665E9A0438B70107C8219906F034CE0C376BFB83F15D56E7DFC590E089DD221F88F3E11A6E27DC850776A820D5D9BB8B86F306A21381545287FA9987081EA25941ABB4F275AD23497E489ED0D77CCED64A66B15DBEEB7F3673E7134E89801C4651E07A21E38B07D002A49EA36E9BD22721524BABB46415441B04DF19EC0844889BD04C4819782E898FBDC1A10307590949B4FB66CE1C94D673B326DDFDBF9D1E3D23E5842648D01C4A220F3279AF44215EF42A9D731E18DF2D5226AC1747A99369D3A50A75E586519B3D28D975B3F8197447E26FA194F7C8C01BA88E9D6D8104BF01863F3B2F44E7C93DF5AECE9A6E07FD062C3D935BD29C1A9D485504AAC713FC1BDBA506D7CDEABB1E47E006D13B58AB6F1CF7042C1CA95CDF9083122224353D2F621C66127B645CD03130FC4B06920580147511E980DBBE7053ACBA3232F6458C3F3D274B5A76E432BF2C3FFAB025155C83C37F7A7CC486DAA6912E77C232A453BBFCEE99CC7745686831321EEAEE04DD2F1C0DAB453D67F9AB455FE6A0986A9E0009D901F4C4A546ED6A47A6C9454784A8A170CEA79A2D7B6BA0D930458E74E14351CBE74ECCFE888BA38929ACCE1230F25FBA36BC6F7C57E53F2CC994653411DEB8AD5B6F4C8422D85CF50E0B81E320300C5AE0B8F3E38C8AA57B8615D2AD258F9F099A8E0AEDDFC6F22004C82368EC1F927C0437BE4031DDAA1D5221D4313EC2D896F123F0DF06CCA0859E26F6AB5DC6391889D2EAF315039642840F40932B7B93022DDF9AA55E69A2B43B8185B91501500A68EEEA9BE8D1D9D5024765429C52CBA5427998981C466C5FB0F1BE8DD0F389413A31A1FEE59C2A92042796BE5DE2F0B5887D592ED80CD6FEF0E3B76A443C3BA2DBCE36187DEC891C41E8138494E655F79EB8FFEAAE38BC5621146086FA87BB161BD801CC389A5094DB772F91D6D41417FD59CE924C4D8DFC6FB3D7B0C3EB1DA3C02E9878BCD57076780C91D3741A9414BA9611B8E58B8FCBDB1DD2A59466BCEA8FF967C413400DC0E0DC694AC4EB180D4C49C50FDFCFBD8A6C27DA4775BD25A48BDED87F0DC65479A9834DDDB81291711F586AE5C0086FC3ABBAA80299A1D77532D7F9D7C588773B73534E5DFEE523CC875774B2397A74DBCE5F1247CC5463986F6404E09C0ED1DCB6E936CA2C7424D09E76F420CD6B237231507D09E5B43936EC974E1FD46BA9735058DD69344E37741491B1A0C63C73F1FA772C97455B0A7680E9CB32A3FDD886E2330851E6203BACC24E5729CA0BAA4C7ABCB84E6C974897F9D108A129B9431E3249C1D2AC7DC111951CD676E13081FC807F43E9E75CC9D0CF3707F6C08661523BA35F340F5295475F6842

The password is a random 12 char with lower case, upper case and special chars. I played arround with hashcat on a VM with 4 Tesla K80 and did not manage to bruteforce the password:

First try with
Code:
hashcat -m 13100 hash.txt -o result.txt -O -w 3 -a 3
did not result in a successful exfiltration of the password after 5d
Second try with
Code:
hashcat -m 13100 hash.txt -o result.txt -O -w 3 -a 3 -i -incremental-min=12 -incremental-max=12
showed that the password will be cracked after 177 yrs

Is there any way to optimizie the bruteforce process for random passwords? And: is it possible to extratct the NLTM hash only without cracking the password? Extracting the NTLM hash will be sufficient to perform "pass the hash"-attacks.

Thanks guys!
Tobi

**royce** · 08-04-2019, 08:12 PM

If you know for a fact that it's *truly* 12 random characters... then it's not crackable in a reasonable amount of time.

If you do the math:

https://www.wolframalpha.com/input/?i=(2...2B34)%5E12

... it should be immediately clear why.

Mem5 · (This post was last modified: 08-04-2019, 11:10 PM by Mem5.)

Moreoever, why Tesla K80 ? GTX 2080 Ti are about 10x faster.
I'm not kerberos expert but I don't think you can 'extract' NTLM hash from a $krb5tgs hash.

SailingTobi · (This post was last modified: 08-04-2019, 11:53 PM by SailingTobi.)

(08-04-2019, 08:12 PM)royce Wrote: If you know for a fact that it's *truly* 12 random characters... then it's not crackable in a reasonable amount of time.

If you do the math:

https://www.wolframalpha.com/input/?i=(2...2B34)%5E12

... it should be immediately clear why.

Thank you. I see the point, but how do you define "truly" random? I assume passwords generated by a browser password plugin are not truly random. But: how do you crack them, if you won't invest a huge effort? If there is no (easy) way, why would you use passwords with > 16 chars? (e.g. https://malicious.link/post/2017/05-06-2...c-numbers/)

(08-04-2019, 11:08 PM)Mem5 Wrote: Moreoever, why Tesla K80 ? GTX 2080 Ti are about 10x faster.
I'm not kerberos expert but I don't think you can 'extract' NTLM hash from a $krb5tgs hash.

I have > 5k USD free credit with azure for testing purposes :-)
OK, thanks for your feedback!

Mem5 · (This post was last modified: 08-05-2019, 09:01 AM by Mem5.)

(08-04-2019, 11:51 PM)SailingTobi Wrote: how do you define "truly" random? I assume passwords generated by a browser password plugin are not truly random.

They are random, but predictible.
Are you talking about Dashlane? If yes, the default password is 12 characters using 'just' letters and digits (no symbols).
So hashcat mask would be ?u?l?d.
New equation would be : https://www.wolframalpha.com/input/?i=(2...2B10)%5E12 still huge..

SailingTobi · 08-05-2019, 08:34 PM

(08-05-2019, 09:00 AM)Mem5 Wrote:
(08-04-2019, 11:51 PM)SailingTobi Wrote: how do you define "truly" random? I assume passwords generated by a browser password plugin are not truly random.
They are random, but predictible.
Are you talking about Dashlane? If yes, the default password is 12 characters using 'just' letters and digits (no symbols).
So hashcat mask would be ?u?l?d.
New equation would be : https://www.wolframalpha.com/input/?i=(2...2B10)%5E12 still huge..

Thanks for your reply. I just Passbolt in my lab. Cracking 8 char "random" passwords did work well.

Login
Username/Email:
Password:	Lost Password?
	Remember me

hashcat advanced password recovery

hashcat
advanced password recovery