kaiserninja Posted March 9, 2017 Share Posted March 9, 2017 (edited) What format are the hashes created in the loot folder? Do I need to convert them to another format for cracking? I lifted my hashes from my windows machine and am trying to use John the ripper to crack it and it says no "passwd hashes loaded". Edited March 10, 2017 by kaiserninja problem solved Quote Link to comment Share on other sites More sharing options...
WatskeBart Posted March 9, 2017 Share Posted March 9, 2017 49 minutes ago, kaiserninja said: What format are the hashes created in the loot folder? Do I need to convert them to another format for cracking? I lifted my hashes from my windows machine and am trying to use John the ripper to crack it and it says no "passwd hashes loaded". Look what @Cpt.Pickles posted here. This site tells it all. Quote Link to comment Share on other sites More sharing options...
kaiserninja Posted March 10, 2017 Author Share Posted March 10, 2017 I found out that my problem was that I was using John the Ripper standard version which can't read the NTLMv2 Hash. You must have the John the Ripper Jumbo version. I could not get it to compile on Ubuntu 16 because of libopenssl being broken but I am a mac user and found a precompiled version of it here http://download.openwall.net/pub/projects/john/contrib/macosx/ On a mac just download this folder and navigate to the /run directory and run the command. No need to compile anything. ./john --format=netntlmv2 "your_hashfile_here.txt" and it will brute force it. Cracked my 4 letter hash I pulled from the bashbunny in about 10 seconds. You could also point it to a dictionary file by appending that to the end of the command like so: ./john --format=netntlmv2 "your_hashfile_here.txt" "your_dictionary_file.txt" If someone has an idea on how to install john the ripper jumbo on Ubuntu that might be helpful to some people here who don't have mac. Also I couldn't use hash cat because it uses the gpu and my laptop has an onboard intel unsupported chip. Hope this helps! Quote Link to comment Share on other sites More sharing options...
azzarin Posted March 10, 2017 Share Posted March 10, 2017 I tried this yesterday using hashcat. I would recommend you do to. It's fast and easy, lots of support too. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.