|
Search Results
|
| Post |
Author |
Forum
[desc]
|
Replies |
Views |
Posted |
| |
|
Thread: 5.1.0+1394 not processing LM hashes
Post: 5.1.0+1394 not processing LM hashes
| I'm not for sure if I am supposed to report bugs for beta versions, but it seems the latest beta will not load any LM hashes for processing. |
|
slawson |
Beta Tester
|
1 |
2,219 |
08-28-2019, 06:07 PM |
| |
|
Thread: fgdump layout
Post: fgdump layout
| I am needing some clarity on what I am looking at in a fgdump file. My hash dump shows me the usernames and hashes that I can successfully load and crack, but usually at the bottom of my hash file it... |
|
slawson |
General Help
|
6 |
9,869 |
11-12-2014, 07:09 PM |
| |
|
Thread: fgdump layout
Post: RE: fgdump layout
| So the AD assigns the random password? What would these hashes be useful for as far as penetration testing goes? |
|
slawson |
General Help
|
6 |
9,869 |
11-12-2014, 07:51 PM |
| |
|
Thread: Removing duplicate lines in dictionary file
Post: Removing duplicate lines in dictionary file
| I tried using
sort filename | uniq -u
but of course if a line was duplicated it was removing all the same lines and not keeping a unique line. |
|
slawson |
General Help
|
3 |
5,936 |
11-12-2014, 08:07 PM |
| |
|
Thread: Removing duplicate lines in dictionary file
Post: RE: Removing duplicate lines in dictionary file
| Wow. That was too easy. Although it seems to be fluky on a large file. |
|
slawson |
General Help
|
3 |
5,936 |
11-12-2014, 08:25 PM |
| |
|
Thread: fgdump layout
Post: RE: fgdump layout
| Thanks for the info. I guess one last question on this is:
Is there any way to tell fgdump to ignore the machine accounts, so that they don't crowd up my hash file? |
|
slawson |
General Help
|
6 |
9,869 |
11-12-2014, 08:26 PM |
| |
|
Thread: fgdump layout
Post: RE: fgdump layout
| Great information. Thanks for not using demeaning sarcasm on a newbie. |
|
slawson |
General Help
|
6 |
9,869 |
11-12-2014, 10:23 PM |
| |
|
Thread: LM Hashes
Post: LM Hashes
| I have an old Windows server that I dumped the hashes from and noticed that it was using LM to store the hashes. Of course, it didn't take long at all to brute force all of the passwords, which bri... |
|
slawson |
General Talk
|
11 |
5,704 |
08-21-2019, 03:06 PM |
| |
|
Thread: LM Hashes
Post: RE: LM Hashes
| Sorry I've been away for a few days. The Server version is 2008 r2. The LM hashes were migrated from an older server, probably 2003.
If NTLM is enabled (which it is), does that mean that I cann... |
|
slawson |
General Talk
|
11 |
5,704 |
08-26-2019, 03:38 PM |
| |
|
Thread: LM Hashes
Post: RE: LM Hashes
| I would like to take my cracked LM hashes and use that as leverage to crack the full NTLM hash. For example let's say my LM password is PASSWOR and the NTLM has 10 characters.
Please correct me if... |
|
slawson |
General Talk
|
11 |
5,704 |
08-26-2019, 10:52 PM |
| |
|
Thread: LM Hashes
Post: RE: LM Hashes
| Oh, I see now. I was just looking at one part of the LM hash that was cracked. After I viewed the --show results, it all came together.
So, my next step would be to add those LM cracked passwords... |
|
slawson |
General Talk
|
11 |
5,704 |
08-27-2019, 04:19 PM |
| |
|
Thread: LM Hashes
Post: RE: LM Hashes
|
slawson |
General Talk
|
11 |
5,704 |
08-27-2019, 04:34 PM |
| |
|
Thread: PMKID
Post: PMKID
| Obviously, this shows my ignorance, but what's the technical reason that you can't pass the PMKID like Pass the hash? |
|
slawson |
General Talk
|
2 |
1,508 |
10-04-2019, 01:50 AM |
| |
|
Thread: Decoding multiple PMKID SSIDs
Post: Decoding multiple PMKID SSIDs
| I would like to take my capture file that has several PMKIDs in it, and decode the SSIDs before cracking them.
This is what I have done so far:
cut -f4 -d'*' pmkidfile | xxd -r -p
xxd properl... |
|
slawson |
General Talk
|
4 |
2,070 |
10-11-2019, 04:16 PM |
| |
|
Thread: Decoding multiple PMKID SSIDs
Post: RE: Decoding multiple PMKID SSIDs
| Ok with some trial and error I have found a way to do this with a for loop. It seems a bit excessive so I would be interested in an easier way of doing this. Here is the command
for line in $(cut... |
|
slawson |
General Talk
|
4 |
2,070 |
10-11-2019, 04:57 PM |
| |
|
Thread: Decoding multiple PMKID SSIDs
Post: RE: Decoding multiple PMKID SSIDs
| When I run wlanhcxinfo -i file, I always get an error "file corrupt 0 records loaded"
The "file" is my original hcxdumptool capture that I have verified is good. I have tried multiple capture file... |
|
slawson |
General Talk
|
4 |
2,070 |
10-15-2019, 04:04 PM |
| |
|
Thread: Decoding multiple PMKID SSIDs
Post: RE: Decoding multiple PMKID SSIDs
| Sorry, nevermind. I just figured out that I have to output the capture to a hccapx file first. |
|
slawson |
General Talk
|
4 |
2,070 |
10-15-2019, 04:12 PM |
| |
|
Thread: Running hashcat on multiple hash files
Post: Running hashcat on multiple hash files
| Is there a way to do this? I tried this:
hashcat -m 16800 --show *.16800
This actually runs, but it only shows results for the first file in the directory. |
|
slawson |
General Talk
|
5 |
3,004 |
10-23-2019, 06:04 PM |
| |
|
Thread: Running hashcat on multiple hash files
Post: RE: Running hashcat on multiple hash files
| I did the Windows equivalent
copy /b *.16800 all.16800
That works, but I guess I was just curious if hashcat can handle multiple files at once. |
|
slawson |
General Talk
|
5 |
3,004 |
10-23-2019, 09:40 PM |
| |
|
Thread: Creating Custom Password List
Post: RE: Creating Custom Password List
| Never done that before, I'll see what I can find online. Thanks. |
|
slawson |
General Talk
|
6 |
2,557 |
10-23-2019, 11:18 PM |
