Password Cracking Using Hashcat
If you are running Hashcat on an AMD-based GPU like me, you might get errors about the AMD HIP SDK.
For this, we can install
Also, Hashcat Beta works well with this -->
For fast lookup, I have added the hash modes most commonly seen in AD environments below:
| Mode | Hash type | Description |
| --- | --- | --- |
| 1000 | NTLM | Extremely common, used for general domain authentication |
| 1100 | MsCache | Domain cached credentials, old version |
| 2100 | MsCache v2 | Domain cached credentials, new version |
| 3000 | LM | Old, rarely used anymore (still a part of NTLM) |
| 5500 | NetNTLMv1 / NetNTLMv1+ESS | NTLM for authentication over the network |
| 5600 | NetNTLMv2 | NTLM for authentication over the network |
| 7500 | Kerberos 5 AS-REQ Pre-Auth etype 23 | AS_REQ is the initial user authentication request of Kerberos |
| 13100 | Kerberos 5 TGS-REP etype 23 | TGS_REP is the reply of the Ticket Granting Server to the previous request |
Here is a very basic dictionary attack using the world famous wordlist.
The limitation here, as with all wordlist attacks, is that if the password you are trying to crack is not in the list, you won't be able to crack it. This leads us to the next type of attack, a rule-based attack.
You are free to experiment with both lists and rules in this part. Only the sky is the limit (or your GPU / tolerance for hot computer smell).
Run the wordlist with the ruleset.
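
A password that is missing from the wordlist can still be reached once rules are applied, which is worth checking from the defensive side when screening proposed passwords. The Python below is an added example, not part of the original page or of Hashcat itself: it interprets a small subset of Hashcat's rule functions (`:`, `l`, `u`, `c`, `r`, `d`, `$X`, `^X`, `sXY`) and reports which base word and rule produce a given password. The names `apply_rule` and `derivable`, the word list and the rule list are constructed for illustration.

```python
# Added example: tiny interpreter for a subset of Hashcat rule functions,
# used to screen passwords that are just "base word + common mangling".

def apply_rule(rule: str, word: str) -> str:
    """Apply one rule line, left to right. Spaces between functions are ignored."""
    i = 0
    while i < len(rule):
        op = rule[i]
        if op in (" ", ":"):          # separator / no-op
            pass
        elif op == "l":               # lowercase all
            word = word.lower()
        elif op == "u":               # uppercase all
            word = word.upper()
        elif op == "c":               # capitalize first, lowercase rest
            word = word[:1].upper() + word[1:].lower()
        elif op == "r":               # reverse
            word = word[::-1]
        elif op == "d":               # duplicate
            word = word + word
        elif op == "$":               # $X: append character X
            i += 1
            word = word + rule[i]
        elif op == "^":               # ^X: prepend character X
            i += 1
            word = rule[i] + word
        elif op == "s":               # sXY: replace every X with Y
            word = word.replace(rule[i + 1], rule[i + 2])
            i += 2
        else:
            raise ValueError(f"unsupported rule function: {op!r}")
        i += 1
    return word

# Constructed sample data (assumption, not taken from any real wordlist or ruleset).
WORDLIST = ["password", "summer", "welcome"]
RULES = [":", "c", "c $1", "c $1 $!", "c $2 $0 $2 $4", "sa@ so0", "c sa@ $1"]

def derivable(candidate, words=WORDLIST, rules=RULES):
    """Return every (base word, rule) pair that yields candidate; [] if none."""
    return [(w, r) for w in words for r in rules if apply_rule(r, w) == candidate]

if __name__ == "__main__":
    for pw in ["Summer2024", "p@ssw0rd", "Welcome1!", "correct horse battery staple"]:
        hits = derivable(pw)
        print(f"{pw!r}: {'REJECT ' + str(hits) if hits else 'not derivable from this set'}")
```

A password filter built on this idea should reject any candidate for which `derivable` returns a match, since none of those passwords appear in the list yet each is one rule away from it.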