01-03-2020, 03:21 AM
First and foremost, this is an ethical hack. Unfortunately, we are in a situation where a co-worker has reset the AD credentials on a very important account. Because of this, we are locked out of several devices that use LDAP for authentication. Luckily enough, nobody knows the local passwords for the devices. So that's where we are.
I have restored the NTDS.dit and system32\config folders from a few of the domain controllers dating about a week ago. The NTDS.dit should have the old account password.
After this, I extracted the hashes for the account in question using DSInternals.
So, I have the NTLM hashes and the LM hashes. I have been trying to use hashcat to crack these but I honestly don't know the best way to go about this.
Any advice on the best method or command strings to run?
Thanks!
Matt