How to extract NTLM Hashes from Wireshark Captures for cracking with Hashcat
Вставка
- Опубліковано 15 січ 2023
- This videos shows how to filter a network traffic capture (pcap) to identify Net-NTLMv2 hashes and afterwards extract the relevant information to construct the correct format for cracking with Hashcat.
- Наука та технологія
Perfect straight to the point,
Thanks for watching!
Thanks for showing the packet capture! Awesome! Subbed
Thanks for the comment! Happy to hear the content is useful. 🙂
Fun times ! You just got another subscriber my
Friend
Thanks for the note, appreciate it!
Thank you! You are good
Thanks for watching!
Underrated! All im sayin.
Thanks for watching and commenting. Much appreciated! 🙂
I just tried this, but the only difference is I was capturing this information over HTTP instead of SMB. Does that make a difference? I ask because I was trying to generate a proof of concept where I controlled the username and password going in, but it wouldn't crack. I tried four different times and it didn't work. Is something different when these are captured over HTTP instead of an SMB connection?
Good question. First thought is that it should just work the same, but I haven't tried. Relaying def works, that I have done many times in past.
Thanks. I had a colleague try it too, and got the same result as I did. This is for a pentest proof of concept, so I’m not in position to relay unfortunately.
👌👌
Thanks!
Sir plz tell me how to extract password from handshake file via wireshark