SemiAnonyAnon Posted January 19, 2017 Share Posted January 19, 2017 **IT Issue, not directly Turtle Related** Hi Guys, I'm loving the Turtle, however, I've been able to get everything working however, I'm having an issue. When I use QuickCreds, or configured Responder, I capture the NTLM hash fine, but when I go to process it in Hashcat, with the known account credentials in the password file, or a weak password that I know and brute force it, I never get the calculated plaintext. The hash is seen as correct, and viable within Hashcat, but it's not valid. This is the example NTLM from Hashcat, which works fine: admin::N46iSNekpT:08ca45b7d7ea58ee:88dcbe4446168966a153a0064958dac6:5c7830315c7830310000000000000b45c67103d07d7b95acd12ffa11230e0000000052920b85f78d013c31cdb3b92f5d765c783030 (Processes to "hashcat") This is my capture with some details adjusted so that it remains private: REDACTED$::REDACTED:1122334455667788:REDACTEDFB7CBC971F7DEE1FREDACTED:0101000$ So why is this happening? The only thing I could think is that it's on a domain, (I've been given permission to this this, so don't worry) Thanks in advance. Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.