|
Search Results
|
| Post
[desc]
|
Author |
Forum |
Replies |
Views |
Posted |
| |
|
Thread: Modify Session files to resume at choosen point
Post: RE: Modify Session files to resume at choosen poin...
| That is easy and if you didn't find the answer in the forum already, you shoud find it easily by looking at the --help output:
Code:
--
-s, --skip=NUM Skip number of ... |
|
philsmd |
User Contributions
|
4 |
12,211 |
12-25-2015, 04:53 PM |
| |
|
Thread: Module 5500 - different results for same hash (with or without client challenge part)
Post: RE: Module 5500 - different results for same hash ...
| see:
https://hashcat.net/forum/thread-6638.html
https://hashcat.net/forum/thread-2563-post-15255.html#pid15255 |
|
philsmd |
hashcat
|
8 |
3,607 |
04-18-2019, 02:43 PM |
| |
|
Thread: Module 5500 - different results for same hash (with or without client challenge part)
Post: RE: Module 5500 - different results for same hash ...
| maybe you just didn't understand the posts.
depending on the output you get from your capture tool/dump (i.e. if it is NetNTLMv1 / NetNTLMv1+ESS or NetNTLMv2), you need to use -m 5500 or -m 5600.
... |
|
philsmd |
hashcat
|
8 |
3,607 |
04-18-2019, 07:27 PM |
| |
|
Thread: Module 5500 - different results for same hash (with or without client challenge part)
Post: RE: Module 5500 - different results for same hash ...
| the domain is actually not used in computing the response and therefore can be skipped/ignored/anything, but the client challenge must be specified (e.g. 338d08f8e26de933000000000000000000000000000000... |
|
philsmd |
hashcat
|
8 |
3,607 |
04-18-2019, 08:26 PM |
| |
|
Thread: Module 5500 - different results for same hash (with or without client challenge part)
Post: RE: Module 5500 - different results for same hash ...
| I guess this is just because you didn't test with the correct password candidate.
hashcat only tries the passwords that you tell it to run.
Maybe this specific hash is harder to crack and you need... |
|
philsmd |
hashcat
|
8 |
3,607 |
04-19-2019, 11:44 AM |
| |
|
Thread: modx modPBKDF2 hashes
Post: RE: modx modPBKDF2 hashes
| The salt must also be specified as base64 encoded string, like this:
Code:
--
./oclHashcat -m 10900 -a 3 --quiet 'sha256:1000:YTlhM2NkMmE1MmY0ZWFkOGJmZjQ3Nzk0MWNlYjYyZjU=:+7WYTHGVutZhmE9KYjb93Rvtd... |
|
philsmd |
Old oclHashcat Support
|
4 |
8,476 |
02-26-2016, 11:03 PM |
| |
|
Thread: More then 4 user defined charsets
Post: RE: More then 4 user defined charsets
| it is not supported to have more than 4 custom charset... there are several reasons for that (performance, GPU-related reasons etc)...
There may be some rare cases where you *really* need that featur... |
|
philsmd |
Very old oclHashcat-plus Support
|
3 |
6,837 |
11-07-2013, 01:19 PM |
| |
|
Thread: Most efficient way to crack wpa2 hash if you know first char?
Post: RE: Most efficient way to crack wpa2 hash if you k...
| first of all, these concepts of "rainbow tables" and "oclhashcat" (from your other post) etc are superseded since several years. not sure how you even come up with these concepts and think this is som... |
|
philsmd |
hashcat
|
3 |
1,941 |
08-02-2019, 01:15 PM |
| |
|
Thread: Most efficient way to crack wpa2 hash if you know first char?
Post: RE: Most efficient way to crack wpa2 hash if you k...
| in that case your password is probably written on a sticker on your router itself. Just have a look at your router (hardware). |
|
philsmd |
hashcat
|
3 |
1,941 |
08-02-2019, 04:02 PM |
| |
|
Thread: mozilla
Post: RE: mozilla
| -1 0x01
^ this is wrong syntax. where did you read about this 0x notation ? did you just guess this?
hashcat has an option called --hex-charset and you can use it like this
--hex-charset ?a?a?a... |
|
philsmd |
hashcat
|
2 |
1,306 |
07-16-2019, 02:24 PM |
| |
|
Thread: MS office 2013 Hash algo in python
Post: RE: MS office 2013 Hash algo in python
| Well, the most suitable answer would be just read the kernel's source code (of e.g. -m 9600) and convert it to python (that may also - be the only thing that - help to get an idea about the optimizati... |
|
philsmd |
General Talk
|
2 |
4,186 |
07-01-2016, 08:41 AM |
| |
|
Thread: MS Office Instant decryption
Post: RE: MS Office Instant decryption
| because you probably should use the collider mode 9710 (with mask ?b?b?b?b?b) for instant access to the data |
|
philsmd |
General Talk
|
9 |
15,352 |
08-21-2017, 08:58 AM |
| |
|
Thread: MS Office Instant decryption
Post: RE: MS Office Instant decryption
| If you read this carefully https://hashcat.net/forum/thread-3665.html, you will see that you only need -m 9710 to access the data.
Have a look at the list of steps under the "KDF" section https://has... |
|
philsmd |
General Talk
|
9 |
15,352 |
09-12-2017, 05:00 PM |
| |
|
Thread: MSCACHEv1 Line-Length Exception when username exceeds 12 Characters
Post: RE: MSCACHEv1 Line-Length Exception when username ...
| We need more info about your setup.
Are you using windows?
Maybe you have this problem, that was fixed in new beta (not released yet): https://hashcat.net/trac/ticket/178
What is the error you se... |
|
philsmd |
Very old oclHashcat-plus Support
|
4 |
11,241 |
08-06-2013, 12:11 PM |
| |
|
Thread: MSCACHEv1 Line-Length Exception when username exceeds 12 Characters
Post: RE: MSCACHEv1 Line-Length Exception when username ...
| Yes, sorry I made a little bit confusion w/ ntlm.
So the problem really is > length 15 support. Atom is already heavily working on that (this limitation is well known and also documented in the wiki)... |
|
philsmd |
Very old oclHashcat-plus Support
|
4 |
11,241 |
08-06-2013, 12:54 PM |
| |
|
Thread: MSCHAPv2 load fail
Post: RE: MSCHAPv2 load fail
| The correct hash mode is -m 5500 = NetNTLMv1 and the password for this hash is "password".
bob::::63xxx03415162exxxxx263799f8e8axxx5a6bc4d0exxxx72:axxxx01cd59xxx32:password
BTW: you are not allo... |
|
philsmd |
hashcat
|
2 |
2,363 |
11-03-2017, 02:16 PM |
| |
|
Thread: MSSQL(2005) (salt.pass) troubles
Post: RE: MSSQL(2005) (salt.pass) troubles
|
user003 Wrote: (07-12-2013, 12:23 PM)
--
any advices?
--
Don't post hashes here!!! Forum Rules (https://hashcat.net/forum/announcement-2.html)
Check format w/ the example hashes (https://hashcat.net... |
|
philsmd |
Very old oclHashcat-lite Support
|
3 |
9,711 |
07-12-2013, 12:47 PM |
| |
|
Thread: multi charset
Post: RE: multi charset
| 1. it's not allowed to post hashes
2. you need to specify a mask (see https://hashcat.net/wiki/?id=mask_attack) if you use -a 3 (otherwise the default one will be used, which is probably not exactly ... |
|
philsmd |
hashcat
|
3 |
4,680 |
08-23-2017, 03:15 PM |
| |
|
Thread: multi hash
Post: RE: multi hash
| See https://hashcat.net/wiki/hccapx
for windows:
Code:
--
copy /b single_hccapxs\*.hccapx all_in_one\multi.hccapx
--
for linux:
Code:
--
cat single_hccapxs/*.hccapx > all_in_one/multi.hcc... |
|
philsmd |
hashcat
|
6 |
6,160 |
03-29-2017, 06:41 PM |
| |
|
Thread: multi hccap crack
Post: RE: multi hccap crack
| The multi-hccap support is explained here: https://hashcat.net/wiki/doku.php?id=hccap
Note: for performance reasons you cannot mix wpa2 and wpa (also see https://hashcat.net/trac/ticket/222#comment:4 ... |
|
philsmd |
Old oclHashcat Support
|
1 |
7,754 |
01-20-2014, 08:34 PM |
