Mass Hash Cracking ;)

[yhi]

i am providing mass hash cracking service

no limit of hash
just give me hash & i will try to crack them

[FTPPalace]

Hi yhi,


Can you please try to crack the "admin" user password in the below:


Administrateur:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Invité:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
admin:1000:aad3b435b51404eeaad3b435b51404ee:37daed37b26be6fe6ac86ac23719aaca:::
HomeGroupUser$:1002:aad3b435b51404eeaad3b435b51404ee:9a7a1cfd02d858c7803c1f9b31a42e9c:::
LogMeInRemoteUser:1003:aad3b435b51404eeaad3b435b51404ee:e33b9ed540d6e47a55ce63d6c207417d:::


It's a Windows 7 login password.


Any chance you could lend me a hand in how to do it. I've been trying to practice out of interest and to better my own defenses and have not been able to crack this one, yet it is quite easy.


Thanks a lot !

[Comm4nd0]

My notes on de-hashing passwords...

 use: hash-identifier
 to find out the hash type.
 
 use: hashcat
 hashcat -m 0 -a 1 /root/Desktop/Hashing/hashes.txt /root/Desktop/(path to password file) -r /usr/share/oclhashcat-plus/rules/rockyou-30000.rule

[raizo]

My notes on de-hashing passwords...

 use: hash-identifier
 to find out the hash type.

@FTPPalace, see tip above by Comm4nd0. Honestly bro, anyone with 2 weeks of password cracking experience knows that you have a NTLM hash under 15 characters long (this can be confirmed by splitting the hash into two parts, and cracking the first one or second one). If the password is less than 15 (or 14, can't remember the limit windows puts on hashes before they get weird), the first part of the hash will crack as a blank, and is generally (not always) aad3b435b51404eeaad3b435b51404ee.

This leaves you with a cool trick to stop wasting your time...crack the second part of the hash. Now, if you get something different for the first part of the hash that can mean one of a couple of things.

!) The password is longer than 15 characters and you still need to crack both parts individually
2) The password is salted and you need the system file to separate the salt.

You know now what needs to be done for NTLM hashes. I recommend looking at the tut Z3R0 posted about m0rph's assumption-based password cracking theory, because it's quite good. I find it amazing he developed a method for dramatically reducing the cracking time of complex 8+ char passwords without having to buy ridiculous hardware. The dude must have been something else.

https://evilzone.org/tutorials/assumption-based-gpu-hash-cracking-theory/

[FTPPalace]

Thanks for the tips, this is great !


I still have a lot to learn, and that's what's awesome !!!!!

[yhi]

My notes on de-hashing passwords...

 use: hash-identifier
 to find out the hash type.
 
 use: hashcat
 hashcat -m 0 -a 1 /root/Desktop/Hashing/hashes.txt /root/Desktop/(path to password file) -r /usr/share/oclhashcat-plus/rules/rockyou-30000.rule

the hashcat command is wrong :/

windows use NTLM hash
so mode will be 1000 not 0
mode 0 is for md5 hashes

[yhi]

Hi yhi,


Can you please try to crack the "admin" user password in the below:

you want plain text for this "37daed37b26be6fe6ac86ac23719aaca"
ok i will try my best

[white-knight]

http://www.hashkiller.co.uk/



37daed37b26be6fe6ac86ac23719aaca NTLM : Eric2169