Active Directory Password Cracking with HashCat

RFSRFS
1 min read

Table of contents

Learn how to crack Active Directory Passwords using Hashcat

Crack LM Hashs

LM hash is used by Microsoft LAN manager used on old versions, which is totally insecure.

We can crack LM with hashcat using:

hashcat -m 3000 -a 3 hash.txt

How to prevent Windows from storing a LAN manager hash of your password in Active Directory and local SAM databases

Cracking Windows New Technology LAN Manager (NTLM)

hashcat -m 1000 -a 3 hash.txt

NetNTLMv1

hashcat -m 5500 -a 3 hash.txt

NetNTLMv2

hashcat -m 5600 -a 3 hash.txt rockyou.txt

Kerberos 5 TGS

hashcat -m 13100 -a 3 hash.txt rockyou.txt

Kerberos 5 TGS AES128

hashcat -m 19600 -a 0 spn.txt hash.txt rockyou.txt

Kerberos 5 TGS AES256

hashcat -m 19700 -a 0 spn.txt hash.txt rockyou.txt

Kerberos ADREP

hashcat -m 18200 -a 0 spn.txt hash.txt rockyou.txt

MsCache 2

hashcat -m 2100-a 0 mscache-hash.txt hash.txt rockyou.txt
0
Subscribe to my newsletter

Read articles from RFS directly inside your inbox. Subscribe to the newsletter, and don't miss out.

uncategorized

Written by

RFS
RFS

Connected since 1996!