|
Search Results
|
| Post |
Author |
Forum
[asc]
|
Replies |
Views |
Posted |
| |
|
Thread: way to distribute cracking ?
Post: RE: way to distribute cracking ?
| Single hash NTLM brute force. We usually use NTLM when advertising cluster speeds since it's most relevant to pentesters & blue teams. |
|
epixoip |
General Talk
|
10 |
14,897 |
07-16-2017, 06:29 AM |
| |
|
Thread: way to distribute cracking ?
Post: RE: way to distribute cracking ?
| The hardware and underlying software are primarily responsible for speed. The wrapper's role with regards to speed is fairly minimal, in that it needs to perform efficiently to minimize the overheard ... |
|
epixoip |
General Talk
|
10 |
14,897 |
07-02-2017, 12:39 PM |
| |
|
Thread: Expander / fingerprint attack
Post: RE: Expander / fingerprint attack
| You can generate longer fingerprints if you want but the resulting file could be quite massive. Of course you'll want to uniq it before running it, but even then a 2-way combinator might never finish ... |
|
epixoip |
General Talk
|
2 |
3,309 |
08-12-2017, 09:21 AM |
| |
|
Thread: Excel Password Hash Extraction
Post: RE: Excel Password Hash Extraction
| Yes, the write protection password can simply be stripped out of the document. |
|
epixoip |
General Talk
|
3 |
7,360 |
08-14-2017, 10:07 PM |
| |
|
Thread: Identification of hash type.
Post: RE: Identification of hash type.
| We did the hard part for you. From here, everything is documented. Read the wiki, read the --help. |
|
epixoip |
General Talk
|
6 |
4,068 |
12-19-2017, 05:07 PM |
| |
|
Thread: Trying to run a hash against Hashcat
Post: RE: Trying to run a hash against Hashcat
|
IBrandon3727 Wrote: (12-26-2017, 10:39 PM)
--
This is when it all started for me, I wanted to learn how to extract the hashes out of my hccapx file and put them into a .txt file so that Hashcat would... |
|
epixoip |
General Talk
|
3 |
3,465 |
12-27-2017, 09:05 PM |
| |
|
Thread: Identification of hash type.
Post: RE: Identification of hash type.
| @Kangaroot: not wise to post your own password hash on these forums, especially if you're admitting to password reuse.
Anyway, with a proper hash:plain pair this is super simple to reverse engineer. ... |
|
epixoip |
General Talk
|
6 |
4,068 |
12-19-2017, 04:23 PM |
| |
|
Thread: Passwords13 Las Vegas CFP
Post: RE: Passwords13 Las Vegas CFP
| Passwords Las Vegas lives on as the "Ground1234!" Track at Bsides Las Vegas: https://www.bsideslv.org
Quote:
--
GROUND1234! (FORMERLY PASSWORDSLV) – FOCUSED ON THE (IN)SECURITY OF PASSWORDS AN... |
|
epixoip |
General Talk
|
3 |
8,278 |
12-31-2017, 07:31 PM |
| |
|
Thread: Is correct these hash?
Post: RE: Is correct these hash?
| Is the json you posted the request or the response? If it's the request, and that is indeed a hash of the password, then the password is being hashed client-side and you simply need to read the javasc... |
|
epixoip |
General Talk
|
5 |
5,152 |
01-22-2018, 06:37 AM |
| |
|
Thread: Is correct these hash?
Post: RE: Is correct these hash?
| Password hashing is typically done server-side, not client-side. Client-side hashing is uncommon. You should be seeing the plaintext password in transit. |
|
epixoip |
General Talk
|
5 |
5,152 |
01-23-2018, 02:24 PM |
| |
|
Thread: Integer overflow detected in keyspace of mask
Post: RE: Integer overflow detected in keyspace of mask
| Keyspace is stored as an unsigned 64-bit integer. 16^64 is much, much larger than 2^64 - 1.
You might want to do the math on how long it would take to crack 16^64. |
|
epixoip |
General Talk
|
7 |
6,482 |
04-28-2019, 10:43 AM |
| |
|
Thread: Dictionnary handling
Post: RE: Dictionnary handling
| most likely whatever order readdir() returns the files in. |
|
epixoip |
General Help
|
4 |
9,784 |
06-16-2012, 10:36 AM |
| |
|
Thread: Low recovered number of linkedin hashes
Post: RE: Low recovered number of linkedin hashes
| A good dictionary would get you around 50% cracked, and those aren't near enough rules.
https://securitynirvana.blogspot.com/2012/06/final-word-on-linkedin-leak.html |
|
epixoip |
General Help
|
7 |
14,900 |
07-15-2012, 10:24 AM |
| |
|
Thread: Can hashcat crack NTLMSSP ?
Post: RE: Can hashcat crack NTLMSSP ?
| hashcat isn't able to crack it, no. and i'm not 100% positive, but i don't think you have enough here to crack anyway. ntlm c/r is a four-way handshake, you only have one of the pieces. i also believe... |
|
epixoip |
General Help
|
4 |
15,709 |
10-04-2012, 10:12 PM |
| |
|
Thread: Can hashcat crack NTLMSSP ?
Post: RE: Can hashcat crack NTLMSSP ?
| maybe try https://github.com/psychomario/ntlmsspparse and see if that doesn't put it into a format that jtr can recognize. i think jtr jumbo supports ntlm c/r. |
|
epixoip |
General Help
|
4 |
15,709 |
10-06-2012, 09:12 PM |
| |
|
Thread: What kind of hash is this?
Post: RE: What kind of hash is this?
| appears to be salted md5, but it's impossible to know precisely which algorithm was used to create it without knowing where it came from or having the source. could be md5(salt.pass), md5(pass.salt), ... |
|
epixoip |
General Help
|
6 |
12,600 |
10-08-2012, 06:08 AM |
| |
|
Thread: What kind of hash is this?
Post: RE: What kind of hash is this?
| it may have been in an oracle 10g database, but that's not an oracle 10g hash.
if it was hashed with Spring Security then it's likely md5(pass.salt) |
|
epixoip |
General Help
|
6 |
12,600 |
10-08-2012, 09:03 PM |
| |
|
Thread: dictionary maker?
Post: RE: dictionary maker?
| looks like a shitty version of maskprocessor. try using maskprocessor or statsprocessor instead. |
|
epixoip |
General Help
|
7 |
13,280 |
10-20-2012, 03:43 AM |
| |
|
Thread: Basic Questions - Hashs
Post: RE: Basic Questions - Hashs
|
jharris473 Wrote: (10-18-2012, 07:13 PM)
--
Sorry for such a basic question - How does hashcat actually get "hashes" from a Windows network. The network is "switched-based". Please, any help is app... |
|
epixoip |
General Help
|
5 |
9,892 |
10-19-2012, 09:00 AM |
| |
|
Thread: How to apply rules to combinator attack?
Post: RE: How to apply rules to combinator attack?
|
M@LIK Wrote: (10-21-2012, 10:35 PM)
--
If you want to make "Sup3rThinkers" out of "sup3r" in dict1 and "thinkers" in dict2, you would run:
Code:
--
-plus ... -a1 -j u -k u ... dict1 dict2
--
--
rul... |
|
epixoip |
General Help
|
12 |
22,997 |
10-22-2012, 04:41 AM |
