As the great philosopher ludacris said, “if you get hashes, you crack them. it’s a rule.” Welcome to a world where getting a hash should mean you also just owned that account. This is boring if it’s your grandmother’s computer, but way more interesting when it’s a bank. This talk will discuss the basic concepts behind password hashes, how they can be obtained, and what to do with them once you have them. Special attention will be given to demos related to effective hash cracking techniques and introduction to toolsets for making the process as efficient and effective as possible.
Bash commands for Kali:
mkdir NTLM-Project && cd NTLM-Project wget http://www.alexrams.com/blog/wp-content/uploads/2014/09/sorted.zip unzip sorted wget http://www.alexrams.com/blog/wp-content/uploads/2014/09/hashes.txt john --crack-status --rules --format=nt2 --wordlist=sorted.txt hashes.txt cd ~/.john cat john.pot
- local: hashes.txt
- local: sorted.zip
- remote: www.lockfale.com/sorted.zip