Hi, i just test example hash (password hashcat) provided here on Hashcat.net (https://hashcat.net/wiki/doku.php?id=example_hashes)
for module m 5500 is expected format:
a lot of people recommend use this short format (user, response, challenge):
but hashcat doesn't find password for this short format. When i run it on original format, hashcat works ok:
I use for testing short dictionary where i put correct password. Command-line is the same for both test only hash is changing. I find that 3 striped part from the hash cause - password is not found.
I want use it on mschapv2 dump and all i have is: user, domain, response & challenge. Is it possible recover pswd without this 3 part? Or maybe i use bad module? (but all people references use 5500) I play first with example hashes to be sure it's all working.
for module m 5500 is expected format:
Code:
u4-netntlm::kNS:338d08f8e26de93300000000000000000000000000000000:9526fb8c23a90751cdd619b6cea564742e1e4bf33006ba41:cb8086049ec4736ca lot of people recommend use this short format (user, response, challenge):
Code:
u4-netntlm::::9526fb8c23a90751cdd619b6cea564742e1e4bf33006ba41:cb8086049ec4736cbut hashcat doesn't find password for this short format. When i run it on original format, hashcat works ok:
Code:
u4-netntlm::kNS:338d08f8e26de93300000000000000000000000000000000:9526fb8c23a90751cdd619b6cea564742e1e4bf33006ba41:cb8086049ec4736cI use for testing short dictionary where i put correct password. Command-line is the same for both test only hash is changing. I find that 3 striped part from the hash cause - password is not found.
I want use it on mschapv2 dump and all i have is: user, domain, response & challenge. Is it possible recover pswd without this 3 part? Or maybe i use bad module? (but all people references use 5500) I play first with example hashes to be sure it's all working.