Unable to crack second half of LM hash
#1
I ran into this issue recently during a CTF competition and spent a little time replicating a test scenario. Given a 13-char password as an LM hash, Hashcat (v5.1.0) successfully cracks the first hash but not the second.
 
To re-create the issue I padded Hashcat's example LM hash out to 13-chars:

HASHCATHASHCA = 299BD128C1101FD6A9BF21707E39C1C7

And ran a typical attack for LM hashes:

Code:
$ hashcat '299BD128C1101FD6A9BF21707E39C1C7' -m3000 -a3 -1 ?u?d?s ?1?1?1?1?1?1?1

$ hashcat '299BD128C1101FD6A9BF21707E39C1C7' -m3000 --show
299bd128c1101fd6a9bf21707e39c1c7:HASHCAT[notfound]

As a sanity check I ran a John session on the same hash:

Code:
$ john lm_test.hash --format=LM-opencl --fork=4

$ john lm_test.hash --format=LM-opencl --show
Device 3: GeForce GTX 1080
?:HASHCATHASHCA

2 password hashes cracked, 0 left
Reply
#2
HASHCA is not 7 characters long (?1?1?1?1?1?1?1 cracks 7 char passwords)
Reply
#3
(11-13-2019, 02:00 PM)philsmd Wrote: HASHCA is not 7 characters long (?1?1?1?1?1?1?1 cracks 7 char passwords)

Holy cow, I'm having senior moments and haven't yet met the age requirement. Of course, I overlooked incremental... 

Thanks Philsmd!
Reply