-
September 13th, 2010, 04:48 AM
#1
Member
question about cracking NTLM hashes
I just got the NTLM hashes from a Win 7 VM. I got them using "auxiliary/server/capture/smb" from metasploit, so I could import them into Cain for cracking; however, Win 7 has LM off by default, so I was only able to get NTLM, and I was able to import into Cain, but I can't launch a dict-attack.... don't know why. I launch it but it will try to run and stop. the hashes are not in the usual pwdump format. Here's the format.
user1:vista-vbox:1122334455667788:0000000000000000000000000000 00000000000000000000:fc73f3f5f74fc8518c9b6b045e79f ec401010000000000002904a4d3244fcb01740f29bcff07e28 300000000020000000000000000000000
This is what Metasploit shows as the exploit runs:
vista-vbox\user1 LMHASH:0000000000000000000000000000000000000000000 00000 NTHASH:2f16e1adfae1b88a0d683105511e5d9301010000000 00000705351442651cb014e497b5310c7d4790000000002000 0000000000000000000
could anyone tell me if the reason why the dic-attack is not running is b/c the NTLM hash is not in the right format, or do I need to run something different like rainbow-tables....just by looking at the NTLM hash I think is too long
any help appreciated
thanks
Similar Threads
-
By 3rr0r in forum The Security Tutorials Forum
Replies: 22
Last Post: May 28th, 2004, 02:19 AM
-
By jm459 in forum Tech Humor
Replies: 1
Last Post: April 14th, 2004, 01:41 PM
-
By AlkAzAA in forum Miscellaneous Security Discussions
Replies: 5
Last Post: March 10th, 2004, 11:56 AM
-
By Fasheezy in forum Hardware
Replies: 5
Last Post: February 5th, 2004, 04:25 PM
-
By Alcatraz in forum Newbie Security Questions
Replies: 13
Last Post: July 9th, 2003, 07:34 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|