kaiserninja Posted March 9, 2017 Posted March 9, 2017 (edited) What format are the hashes created in the loot folder? Do I need to convert them to another format for cracking? I lifted my hashes from my windows machine and am trying to use John the ripper to crack it and it says no "passwd hashes loaded". Edited March 10, 2017 by kaiserninja problem solved Quote
WatskeBart Posted March 9, 2017 Posted March 9, 2017 49 minutes ago, kaiserninja said: What format are the hashes created in the loot folder? Do I need to convert them to another format for cracking? I lifted my hashes from my windows machine and am trying to use John the ripper to crack it and it says no "passwd hashes loaded". Look what @Cpt.Pickles posted here. This site tells it all. Quote
kaiserninja Posted March 10, 2017 Author Posted March 10, 2017 I found out that my problem was that I was using John the Ripper standard version which can't read the NTLMv2 Hash. You must have the John the Ripper Jumbo version. I could not get it to compile on Ubuntu 16 because of libopenssl being broken but I am a mac user and found a precompiled version of it here http://download.openwall.net/pub/projects/john/contrib/macosx/ On a mac just download this folder and navigate to the /run directory and run the command. No need to compile anything. ./john --format=netntlmv2 "your_hashfile_here.txt" and it will brute force it. Cracked my 4 letter hash I pulled from the bashbunny in about 10 seconds. You could also point it to a dictionary file by appending that to the end of the command like so: ./john --format=netntlmv2 "your_hashfile_here.txt" "your_dictionary_file.txt" If someone has an idea on how to install john the ripper jumbo on Ubuntu that might be helpful to some people here who don't have mac. Also I couldn't use hash cat because it uses the gpu and my laptop has an onboard intel unsupported chip. Hope this helps! Quote
azzarin Posted March 10, 2017 Posted March 10, 2017 I tried this yesterday using hashcat. I would recommend you do to. It's fast and easy, lots of support too. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.