Author Topic: Mass Hash Cracking ;)  (Read 1677 times)

0 Members and 1 Guest are viewing this topic.

Offline yhi

  • Serf
  • *
  • Posts: 42
  • Cookies: -70
    • View Profile
Mass Hash Cracking ;)
« on: November 14, 2014, 10:24:09 pm »
i am providing mass hash cracking service

no limit of hash :)
just give me hash & i will try to crack them :)

Offline FTPPalace

  • /dev/null
  • *
  • Posts: 5
  • Cookies: -1
    • View Profile
Re: Mass Hash Cracking ;)
« Reply #1 on: November 24, 2014, 04:27:34 pm »
Hi yhi,


Can you please try to crack the "admin" user password in the below:


Administrateur:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Invité:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
admin:1000:aad3b435b51404eeaad3b435b51404ee:37daed37b26be6fe6ac86ac23719aaca:::
HomeGroupUser$:1002:aad3b435b51404eeaad3b435b51404ee:9a7a1cfd02d858c7803c1f9b31a42e9c:::
LogMeInRemoteUser:1003:aad3b435b51404eeaad3b435b51404ee:e33b9ed540d6e47a55ce63d6c207417d:::


It's a Windows 7 login password.


Any chance you could lend me a hand in how to do it. I've been trying to practice out of interest and to better my own defenses and have not been able to crack this one, yet it is quite easy.


Thanks a lot !
« Last Edit: November 24, 2014, 04:28:08 pm by FTPPalace »

Offline Comm4nd0

  • /dev/null
  • *
  • Posts: 19
  • Cookies: -1
    • View Profile
Re: Mass Hash Cracking ;)
« Reply #2 on: November 24, 2014, 06:29:40 pm »
My notes on de-hashing passwords...

 use: hash-identifier
 to find out the hash type.
 
 use: hashcat
 hashcat -m 0 -a 1 /root/Desktop/Hashing/hashes.txt /root/Desktop/(path to password file) -r /usr/share/oclhashcat-plus/rules/rockyou-30000.rule


Offline raizo

  • NULL
  • Posts: 2
  • Cookies: 1
    • View Profile
Re: Mass Hash Cracking ;)
« Reply #3 on: November 25, 2014, 08:53:07 am »
My notes on de-hashing passwords...

 use: hash-identifier
 to find out the hash type.

@FTPPalace, see tip above by Comm4nd0. Honestly bro, anyone with 2 weeks of password cracking experience knows that you have a NTLM hash under 15 characters long (this can be confirmed by splitting the hash into two parts, and cracking the first one or second one). If the password is less than 15 (or 14, can't remember the limit windows puts on hashes before they get weird), the first part of the hash will crack as a blank, and is generally (not always) aad3b435b51404eeaad3b435b51404ee.

This leaves you with a cool trick to stop wasting your time...crack the second part of the hash. Now, if you get something different for the first part of the hash that can mean one of a couple of things.

!) The password is longer than 15 characters and you still need to crack both parts individually
2) The password is salted and you need the system file to separate the salt.

You know now what needs to be done for NTLM hashes. I recommend looking at the tut Z3R0 posted about m0rph's assumption-based password cracking theory, because it's quite good. I find it amazing he developed a method for dramatically reducing the cracking time of complex 8+ char passwords without having to buy ridiculous hardware. The dude must have been something else.

https://evilzone.org/tutorials/assumption-based-gpu-hash-cracking-theory/
« Last Edit: November 25, 2014, 09:00:40 am by raizo »
The greatest trick the devil ever pulled was convincing the world he didn't exist.

Offline FTPPalace

  • /dev/null
  • *
  • Posts: 5
  • Cookies: -1
    • View Profile
Re: Mass Hash Cracking ;)
« Reply #4 on: November 25, 2014, 11:41:44 am »
Thanks for the tips, this is great !


I still have a lot to learn, and that's what's awesome !!!!!

Offline yhi

  • Serf
  • *
  • Posts: 42
  • Cookies: -70
    • View Profile
Re: Mass Hash Cracking ;)
« Reply #5 on: April 05, 2015, 09:57:05 pm »
My notes on de-hashing passwords...

 use: hash-identifier
 to find out the hash type.
 
 use: hashcat
 hashcat -m 0 -a 1 /root/Desktop/Hashing/hashes.txt /root/Desktop/(path to password file) -r /usr/share/oclhashcat-plus/rules/rockyou-30000.rule


the hashcat command is wrong :/

windows use NTLM hash
so mode will be 1000 not 0
mode 0 is for md5 hashes

Offline yhi

  • Serf
  • *
  • Posts: 42
  • Cookies: -70
    • View Profile
Re: Mass Hash Cracking ;)
« Reply #6 on: April 05, 2015, 09:58:18 pm »
Hi yhi,


Can you please try to crack the "admin" user password in the below:



you want plain text for this "37daed37b26be6fe6ac86ac23719aaca"
ok i will try my best :)

Offline white-knight

  • Knight
  • **
  • Posts: 190
  • Cookies: 26
    • View Profile
Re: Mass Hash Cracking ;)
« Reply #7 on: April 06, 2015, 01:36:54 am »

http://www.hashkiller.co.uk/



37daed37b26be6fe6ac86ac23719aaca NTLM :
Eric2169