Exfiltration of target material
#1
Is there documentation on how to appropriately exfiltrate target hash/material for the various supported types?

I.e. how to prep MS docs to obtain hash data or Apple notes, or various FDE schemes? Thanks 😊
Reply
#2
office2john.py
7z2hashcat.py
blockchain2john.py
bitcoin2john.py
1password2john.py
itunes_backup2hashcat.pl
etc

it depends on your hash type
they can be found on the internet very easily (just search for what you are looking for, example hashes are here https://hashcat.net/wiki/example_hashes)
Reply
#3
(10-17-2019, 08:49 PM)philsmd Wrote: office2john.py
7z2hashcat.py
blockchain2john.py
bitcoin2john.py
1password2john.py
itunes_backup2hashcat.pl
etc

it depends on your hash type
they can be found on the internet very easily (just search for what you are looking for, example hashes are here https://hashcat.net/wiki/example_hashes)

Thanks Phil, I am experienced with JTR. 

But aren’t these JTR scripts? Isn’t there an equivalent for Hashcat? Is JTR what folks use?
Reply
#4
wherever possible it makes sense to not invent a new hash format. so it makes sense to use the same signature and data parts/salts etc in the hashcat format like in the jtr format. it doesn't make sense to reinvent the wheel here
Reply