Search Results
|
Post |
Author |
Forum
[desc]
|
Replies |
Views |
Posted |
|
|
Thread: How to extract a hash (VNC, SSH2 or SMB) from a WireShark capture file
Post: RE: How to extract a hash ...
I have too some test capture files (.cap and .eci) of SSH and SMB connection. I can upload them if needed. |
|
SopalajoArrierez |
General Help
|
13 |
69,957 |
03-20-2013, 10:18 PM |
|
|
Thread: How to extract a hash (VNC, SSH2 or SMB) from a WireShark capture file
Post: How to extract a hash (VNC, SSH2 or SMB) from a Wi...
Hello all.
Until now I have only tested WPA hashes, and they have been extracted from a airodump-ng's capture file using tshark or aircrack-ng (-J option).
I wanna go one step beyond, and in an ... |
|
SopalajoArrierez |
General Help
|
13 |
69,957 |
03-20-2013, 05:02 PM |
|
|
Thread: How to extract a hash (VNC, SSH2 or SMB) from a WireShark capture file
Post: RE:How to extract a hash(VNC, SSH2 or SMB)from a W...
All right, I think I have succeeded in sniffing a SMB hash. I have done it using EtterCap.
This is the command:
Code:
--
ettercap -T -w dump.cap /OriginIP/ // output: -l logfile
--
so it yiel... |
|
SopalajoArrierez |
General Help
|
13 |
69,957 |
03-20-2013, 08:20 PM |
|
|
Thread: How to extract a hash (VNC, SSH2 or SMB) from a WireShark capture file
Post: RE: How to extract a hash (VNC, SSH2 or SMB)
halfie Wrote: (03-20-2013, 07:01 PM)
--
Which version of Ettercap are you using?
--
This is my version:
ettercap 0.7.4.1 copyright 2001-2011 ALoR & NaGA
halfie Wrote: (03-20-2013, 07:01 PM)
--... |
|
SopalajoArrierez |
General Help
|
13 |
69,957 |
03-20-2013, 09:48 PM |
|
|
Thread: How to extract a hash (VNC, SSH2 or SMB) from a WireShark capture file
Post: RE: How to extract a hash ...
halfie Wrote: (03-20-2013, 07:01 PM)
--
Which version of Ettercap are you using?
--
This is my version:
ettercap 0.7.4.1 copyright 2001-2011 ALoR & NaGA
halfie Wrote: (03-20-2013, 07:01 PM)
--... |
|
SopalajoArrierez |
General Help
|
13 |
69,957 |
03-20-2013, 10:09 PM |
|
|
Thread: How to extract a hash (VNC, SSH2 or SMB) from a WireShark capture file
Post: RE: How to extract a hash ...
And some more data to test: I am now trying with SSL: a connection to GMail website using a test account. I am trying to extract the hash using "ssldump":
Code:
--
ssldump -r GMailConnection.cap
-... |
|
SopalajoArrierez |
General Help
|
13 |
69,957 |
03-20-2013, 10:34 PM |
|
|
Thread: How to extract a hash (VNC, SSH2 or SMB) from a WireShark capture file
Post: RE: How to extract a hash (VNC, SSH2 or SMB) from ...
atom Wrote: (03-21-2013, 02:36 PM)
--
You will be able to crack the SMB hashes with the next version of hashcat / oclHashcat
--
That is fine.
So I supposed that the data sent via network for SMB... |
|
SopalajoArrierez |
General Help
|
13 |
69,957 |
03-29-2013, 12:55 PM |
|
|
Thread: How to extract a hash (VNC, SSH2 or SMB) from a WireShark capture file
Post: RE: How to extract a hash (VNC, SSH2 or SMB) from ...
halfie Wrote: (03-21-2013, 01:53 PM)
--
I think your VNC session was using encryption (at least at some point). I can successfully extract the "hash" from your .pcap file and also crack it using JtR-... |
|
SopalajoArrierez |
General Help
|
13 |
69,957 |
03-29-2013, 03:19 PM |
|
|
Thread: How to extract a hash (VNC, SSH2 or SMB) from a WireShark capture file
Post: RE: How to extract a hash (VNC, SSH2 or SMB) from ...
Wefffff.... I finally did it: installed EtterCap latest version. It has been a bit hard: Ettercap seems to be very updated, so several libraries and programs (CURL, for example) need to be in the late... |
|
SopalajoArrierez |
General Help
|
13 |
69,957 |
03-29-2013, 07:49 PM |
|
|
Thread: Where can I get HashCat Utils v1.2?
Post: Where can I get HashCat Utils v1.2?
In this ticket, Atom seems to be using HashCat Utils v1.2:
https://hashcat.net/trac/ticket/529#comment:8
But I can not find a download link post-v1.1. I am searching here:
https://hashcat.net/tool... |
|
SopalajoArrierez |
hashcat-utils, maskprocessor, statsprocessor, md5stress, wikistrip
|
1 |
5,286 |
02-24-2015, 12:35 AM |
|
|
Thread: There is no difference between WPA hashes for attacking them?
Post: There is no difference between WPA hashes for atta...
There are several WPA protocols: WPA, WPA2, PSK, AES, TKIP... and maybe some other(s).
I would like to know if all of them have the same difficulty to be cracked, or at least to be cracked using OCLH... |
|
SopalajoArrierez |
Old oclHashcat Support
|
1 |
4,410 |
03-29-2014, 03:10 AM |
|
|
Thread: v1.31 Multi-GPU not working with standalone devices
Post: RE: v1.31 Multi-GPU not working with standalone de...
That was the problem. :-)
Thanks you, philsmd. |
|
SopalajoArrierez |
Old oclHashcat Support
|
5 |
11,878 |
10-07-2014, 01:34 PM |
|
|
Thread: How can I remotely know about the progress of OCLHashCat?
Post: RE: How can I remotely know about the progress of ...
undeath Wrote: (11-16-2014, 01:11 PM)
--
I think hashtopus can show you the progress: https://hashcat.net/forum/thread-3159.html
--
Thanks you, undeath.
I am reading it, and it seems mostly a dist... |
|
SopalajoArrierez |
Old oclHashcat Support
|
7 |
14,336 |
11-16-2014, 01:28 PM |
|
|
Thread: How can I remotely know about the progress of OCLHashCat?
Post: RE: How can I remotely know about the progress of ...
Mangix Wrote: (11-17-2014, 04:02 AM)
--
uhhhh there is a windows version of screen available.
Just install the latest cygwin and install screen + openssh from the package manager.
--
That sou... |
|
SopalajoArrierez |
Old oclHashcat Support
|
7 |
14,336 |
11-17-2014, 04:13 AM |
|
|
Thread: How can I remotely know about the progress of OCLHashCat?
Post: RE: How can I remotely know about the progress of ...
Another method to take unattended control of OCLHashCat could be the classic GNU Expect program, but it seems not to be working neither.
I have opened a thread about: https://hashcat.net/forum/thread-... |
|
SopalajoArrierez |
Old oclHashcat Support
|
7 |
14,336 |
11-18-2014, 01:37 AM |
|
|
Thread: Can hybrid attack work with rules?
Post: Can hybrid attack work with rules?
OCLHashCat v1.32 yields no error for this command-line (hybrid attack):
Code:
--
oclhashcat64 -m 1000 Hashes.txt -a 6 Dictio.txt ?d -j d
--
So, can I assume that "-j" option (rule for left dicti... |
|
SopalajoArrierez |
Old oclHashcat Support
|
9 |
15,325 |
01-23-2015, 04:25 AM |
|
|
Thread: Can hybrid attack work with rules?
Post: RE: Can hybrid attack work with rules?
epixoip Wrote: (01-24-2015, 07:36 AM)
--
If cain.txt contains the word "rafa", then "-a 6 cain.txt ?d -j d" will generate the candidate "rafarafa3" but not "rafa3rafa3".
--
I understand: rules are ap... |
|
SopalajoArrierez |
Old oclHashcat Support
|
9 |
15,325 |
01-24-2015, 07:44 AM |
|
|
Thread: v1.31 Multi-GPU not working with standalone devices
Post: RE: v1.31 Multi-GPU not working with standalone de...
Thanks for answering. Here are the new tests.
First attemp, note that only 1 GPU is working:
Code:
--
PS D:\Crackeo en Proceso\101\Atacando> oclHashcat64.exe -m 2500 .\HandshakeWPA.hccap -a 3 ... |
|
SopalajoArrierez |
Old oclHashcat Support
|
5 |
11,878 |
10-07-2014, 12:52 PM |
|
|
Thread: Can hybrid attack work with rules?
Post: RE: Can hybrid attack work with rules?
philsmd Wrote: (01-24-2015, 08:43 AM)
--
to avoid to generate a large dict also something like this would work in your particular case:
Code:
--
oclhashcat64 -m 1000 -r my_append_num_and_duplicat... |
|
SopalajoArrierez |
Old oclHashcat Support
|
9 |
15,325 |
01-24-2015, 09:02 AM |
|
|
Thread: Can hybrid attack work with rules?
Post: RE: Can hybrid attack work with rules?
Mmm.. I think I could answer myself. Acording to my tests, it seems that the order between -r, -j and -k would be:
-j goes first.
-r goes second.
-k doesn't go: it is ignored.
Am I right? |
|
SopalajoArrierez |
Old oclHashcat Support
|
9 |
15,325 |
01-24-2015, 09:16 AM |