05-06-2016, 03:23 PM
Hi!
I'm trying to crack NetNtlmv2 hash with known password
test::test-PC:1122334455667788:EE8BE66E931EE5F78502E43AB0755EB7:0101000000000000B74CFB6137A6D101B672CD72950FCF320000000002000A0073006D006200310032000100140053004500520056004500520032003000300038000400160073006D006200310032002E006C006F00630061006C0003002C0053004500520056004500520032003000300038002E0073006D006200310032002E006C006F00630061006C000500160073006D006200310032002E006C006F00630061006C000800300030000000000000000000000000300000EFD2A20880C73783FE82407EB41E4B3FE2D57CF015812BDC3DBC367618B9B8E30A0010000000000000000000000000000000000009001C0063006900660073002F0064006100750074006F0076002D00700063000000000000000000
password is cyrillic "a" (unicode 0430)
when i try method described here hashcat didn't manage to recover this pass.
Then i tried to run hashcat using mask ?b?b --incremental
Useless again.
Password was successfully cracked using john.
Hashcat successfully crack hashes with latin passwords, for example
test::test-PC:1122334455667788:66B41928700FEA503B80D86372FE1164:0101000000000000206CC1C437A6D101A0D0BEE8D9BE72C80000000002000A0073006D006200310032000100140053004500520056004500520032003000300038000400160073006D006200310032002E006C006F00630061006C0003002C0053004500520056004500520032003000300038002E0073006D006200310032002E006C006F00630061006C000500160073006D006200310032002E006C006F00630061006C00080030003000000000000000000000000030000037DE47151778061BAA06DCDCE4F1ACAB2B85419749F92F70F4921AAA5677A3F80A0010000000000000000000000000000000000009001C0063006900660073002F0064006100750074006F0076002D00700063000000000000000000:te
Am I right that there is some issue with non latin symbols in netntlmv2 method in hashcat?
I'm trying to crack NetNtlmv2 hash with known password
test::test-PC:1122334455667788:EE8BE66E931EE5F78502E43AB0755EB7:0101000000000000B74CFB6137A6D101B672CD72950FCF320000000002000A0073006D006200310032000100140053004500520056004500520032003000300038000400160073006D006200310032002E006C006F00630061006C0003002C0053004500520056004500520032003000300038002E0073006D006200310032002E006C006F00630061006C000500160073006D006200310032002E006C006F00630061006C000800300030000000000000000000000000300000EFD2A20880C73783FE82407EB41E4B3FE2D57CF015812BDC3DBC367618B9B8E30A0010000000000000000000000000000000000009001C0063006900660073002F0064006100750074006F0076002D00700063000000000000000000
password is cyrillic "a" (unicode 0430)
when i try method described here hashcat didn't manage to recover this pass.
Then i tried to run hashcat using mask ?b?b --incremental
Useless again.
Password was successfully cracked using john.
Hashcat successfully crack hashes with latin passwords, for example
test::test-PC:1122334455667788:66B41928700FEA503B80D86372FE1164:0101000000000000206CC1C437A6D101A0D0BEE8D9BE72C80000000002000A0073006D006200310032000100140053004500520056004500520032003000300038000400160073006D006200310032002E006C006F00630061006C0003002C0053004500520056004500520032003000300038002E0073006D006200310032002E006C006F00630061006C000500160073006D006200310032002E006C006F00630061006C00080030003000000000000000000000000030000037DE47151778061BAA06DCDCE4F1ACAB2B85419749F92F70F4921AAA5677A3F80A0010000000000000000000000000000000000009001C0063006900660073002F0064006100750074006F0076002D00700063000000000000000000:te
Am I right that there is some issue with non latin symbols in netntlmv2 method in hashcat?