Follow us on Twitter!
It is the path of least resistance that makes rivers and men crooked. - Bj Palmer
Sunday, April 20, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 22
Guests Online: 21
Members Online: 1

Registered Members: 82843
Newest Member: hx47
Latest Articles
View Thread

HellBound Hackers | Computer General | Hacking in general

Author

Help Cracking NTLM Hash

Infam0us
Member



Posts: 153
Location: 0x080484c6
Joined: 06.09.07
Rank:
Apprentice
Posted on 13-06-08 00:45
I have an administrators ntlm hash from xp. When I try to crack it in cain and abel I get this when starting to brute force it.
Plaintext of F4CA7D356EE... is 0307
Attack Stopped!
1 of 2 Hashes Cracked


The hash it cracked is the "NT hash" so now I'm stuck with a password that looks exaclty like this "???????0307"

How do I attack the rest of the password? Is the rest of that password an LM hash (thats my best guess)? It is exactly 7 characters missing.

Or is it an ntlm hash? I have read this stuff in school and on wikipedia and thought i understood it.

Any help on what type of hash the rest of the password is and what would be the best way to crack it?


"Never memorize what you can look up in books." -Albert Einstein
www.rohitab.com/discuss/style_emoticons/default/suicide_anim.gif
[img]http://www.hellboundhackers.org/fusion_infusions/buddy_panel/buddy_delete.php?id=2783[/img]


[img]javasc ript:alert(document.cookie);[/img]
Author

RE: Help Cracking NTLM Hash

SySTeM
Member

Your avatar

Posts: 1524
Location: England, UK
Joined: 27.07.05
Rank:
HBH Guru
Posted on 13-06-08 01:03
Try milw0rm's cracker, I think they do lm hashes.


img138.imageshack.us/img138/6527/sig2ak1.jpg
www.hellboundhackers.org/sig/r/2783.png

http://www.elites0ft.com/
Author

RE: Help Cracking NTLM Hash


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 13-06-08 02:45
I like freerainbowtables.com ... it is a distributed computing site that generates rainbow tables... you don't have to use their generating software to use their tables... you don't have to download the tables either, just submit the hash on their site and give it 10 mins or so... and check the pass.
Author

RE: Help Cracking NTLM Hash

Infam0us
Member



Posts: 153
Location: 0x080484c6
Joined: 06.09.07
Rank:
Apprentice
Posted on 13-06-08 04:20
Thanks for the help everyone.

System_meltdown I went to milw0rm and the LM hash is supposed to be 16bytes these hashes are double that. So I guess its not an LM hash like i thought it was.

Here is the NT hash, F4CA7D356EE41CD859A26C49A31B2F9D
and this one is labeled in cain and abel as LM hash 0259752D2C3B4F13F9496BE7EBA6D251

I'll try rainbow tables next and if that doesn't work I'll run them through jtr and see if I have better luck.




"Never memorize what you can look up in books." -Albert Einstein
www.rohitab.com/discuss/style_emoticons/default/suicide_anim.gif
[img]http://www.hellboundhackers.org/fusion_infusions/buddy_panel/buddy_delete.php?id=2783[/img]


[img]javasc ript:alert(document.cookie);[/img]
Author

RE: Help Cracking NTLM Hash


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 13-06-08 09:35
How did you get the hash? Pwdump? If so, post the full output from it.

I would also reccomend freerainbowtables. . ..


Author

RE: hash crack


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 13-06-08 10:35
try this one http://www.securi. . .hcrack.php


Author

RE: Help Cracking NTLM Hash

Uber0n
Member



Posts: 1963
Location: Sweden‭‮
Joined: 13.06.06
Rank:
Hacker Level 3
Posted on 13-06-08 10:48
Infam0us wrote:
Is the rest of that password an LM hash (thats my best guess)? It is exactly 7 characters missing.

Yes it is ^^ passwords longer than 7 characters are split up in two LM hashes; that's why they're so damn easy to crack compared to NT hashes Wink


img230.imageshack.us/img230/724/uber0nsig3hj6.gif
http://uber0n.web. . .
Nope http://uber0n.webs.com/
Author

RE: Help Cracking NTLM Hash

korg
Admin from hell



Posts: 2798
Location: ENDING YOUR ONLINE EXPERIENCE!
Joined: 01.01.06
Rank:
God
Posted on 13-06-08 10:49
Just use JTR. A good wordlist will crack it in seconds.
PS: I would learn more on ntlm hashes. (Your comment on milworm's
error)


i57.photobucket.com/albums/g215/korg1269/shodan13.jpg

I deal in pain, All life I drain, I dominate, I seal your fate.
O R
Author

RE: Help Cracking NTLM Hash


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 13-06-08 11:04
korg wrote:
Just use JTR. A good wordlist will crack it in seconds.
PS: I would learn more on ntlm hashes. (Your comment on milworm's
error)


yea, he need an good w-list


Author

RE: Help Cracking NTLM Hash

korg
Admin from hell



Posts: 2798
Location: ENDING YOUR ONLINE EXPERIENCE!
Joined: 01.01.06
Rank:
God
Posted on 13-06-08 11:12
http://www.thearg. . .wordlists/

For starters my wordlist is 4.5g now. And growing.


i57.photobucket.com/albums/g215/korg1269/shodan13.jpg

I deal in pain, All life I drain, I dominate, I seal your fate.
O R
Author

RE: Help Cracking NTLM Hash


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 13-06-08 11:13
http://freerainbowtables.com/

you can download a ntlm rainbowtable