6 posts tagged 'NTLM'

  1. 2010.12.01 Windows Credentials Editor v1.0
  2. 2010.11.22 Hash Cracking tutorial with HashCat
  3. 2009.11.17 RainbowCrack - The Time-Memory Tradeoff Hash Cracker
2010. 12. 1. 19:59

Windows Credentials Editor v1.0

Supports Windows XP, 2003, Vista, 7 and 2008 (Vista was not actually
tested yet, but it should work).
Windows Credentials Editor (WCE) allows you to list logon sessions and add,
change, list and delete associated credentials (e.g. LM/NT hashes). This
can be used, for example, to perform pass-the-hash on Windows and also
obtain NT/LM hashes from memory (from interactive logons, services,
remote desktop connections, etc.) which can be used in further attacks.

Source: www.ampliasecurity.com

2010. 11. 22. 19:04

Hash Cracking tutorial with HashCat

HashCat is a tool for cracking various types of hash. It can crack more than one hash at a time: we can put several hashes into a text file and it cracks them simultaneously. Cracking is done offline, which means we don't need an Internet connection to query databases of hashes that have been cracked before.

The hash algorithms supported by this tool include:
* MD5
* md5($pass.$salt)
* md5($salt.$pass)
* md5(md5($pass))
* md5(md5(md5($pass)))
* md5(md5($pass).$salt)
* md5(md5($salt).$pass)
* md5($salt.md5($pass))
* md5($salt.$pass.$salt)
* md5(md5($salt).md5($pass))
* md5(md5($pass).md5($salt))
* md5($salt.md5($salt.$pass))
* md5($salt.md5($pass.$salt))
* md5($username.0.$pass)
* md5(strtoupper(md5($pass)))
* SHA1
* sha1($pass.$salt)
* sha1($salt.$pass)
* sha1(sha1($pass))
* sha1(sha1(sha1($pass)))
* sha1(strtolower($username).$pass)
* MySQL4.1/MySQL5
* MD5 (WordPress)
* MD5 (PHPbb3)
* MD5 (Unix)
* SHA-1 (Base64)
* SSHA-1 (Base64)
* SHA-1 (Django)
* MD4
* Domain Cached credentials
* MD5 (CHAP)

Attack modes supported by this tool:
* Straight *
* Combination *
* Toggle-Case *
* Brute-Force
* Permutation

First, create two files with Notepad:
[1] C:\temp\hash.txt and
[2] C:\temp\results.txt
Then open C:\temp\hash.txt and fill it with the hashes you want to crack.

Do nothing with C:\temp\results.txt and leave it blank, because the cracked hashes will be saved there.

Run Hashcrack and follow the steps below.

In this tutorial, the author uses brute-force mode, a cracking technique that tries combinations of characters.

[-] In the Hashfile column, click the folder icon (browse for hashfile) and open the C:\temp\hash.txt file that you made previously.
[-] In the Brute force column, select the mode and the type of hash (we are trying to crack MD5 here).
[-] In Password length, enter 1-14 (you may put about 20 to 30). The longer the password length, the longer the cracking process.
[-] In the bruteforce charset settings, you can enter the desired characters, e.g. abcdefghijklmnopqrstuvwxyz1234567890 or abcdefghijklmnopqrstuvwxyz1234567890!@#$%^&*()_+
[-] In the OUTFILE column, put a tick and specify the path C:\temp\results.txt that you made previously.
[-] Tick OUTFILE Monitor and click "I want to catch a Hash..".

Wait for the cracking process to finish (the tool runs directly in CLI mode).

You will then find the results for the hashes that were successfully cracked.


2009. 11. 17. 09:44

RainbowCrack - The Time-Memory Tradeoff Hash Cracker


A graphical user interface for the rcrack program was introduced in RainbowCrack 1.4. Two new programs are included:
  • rcrack_gui.exe - GUI of rcrack program
  • rcrack_cuda_gui.exe - GUI of rcrack program with GPU computation support
This document describes the use of these programs.

Step 1: Load the hashes


Step 2: Specify the rainbow tables to be searched

Select "Search Rainbow Tables..." menu to specify individual rainbow tables to search:

Select "Search Rainbow Tables In Directory..." menu to search all rainbow tables in a directory:

Select "Search Rainbow Tables In Profile..." to specify a sequence of rainbow tables to search:


Step 3: Wait for the result

When rainbow tables are specified, the table lookup will start.

That is all.


We compare performance of different GPU based hash cracking methods. The first is direct GPU based brute force; the second is GPU based time-memory tradeoff hash cracking implemented in RainbowCrack software. The time-memory tradeoff approach is always hundreds of times faster.

Original: http://project-rainbowcrack.com
