Jump to content

Dump Cache Questions


setzer1411

Recommended Posts

I recently installed Gonzors 2.0 switchblade, which has the option to dump the windows cache Example:

*******:********************************:***:***.**.**.***

Username, hash and domain removed by request of British Petroleum

This is what is returned, I am new to playing with hashes and I am completely lost as to how this can be converted back to the original password. If anyone will please enlighten me, I would greatly appreciate it.  Google suggested ophcrack, if this will work where do I get the tables it requires? Thank you again.

I think this is MD5 format, can someone confirm this and maybe explain what it means? Il be googleing until I see a reply, thank you.

Link to comment
Share on other sites

These are username-salted MSCASH hashes, thus rainbow tables won't work.

You will need something like John The Ripper (with the MSCASH patch), cachebf, or Cain and Abel to perform a dictionary and/or brute force attack.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...