Search

Home

PNPT Studies

PJPT Studies

AD CS / Certificate Attacks (ESC1-15) (1, 8, 11 for now)

Report Writing / Client Presentation

Operationalizing Cybercrime Data (June 2025)

Cracking captured Hashes

We captured an NTLMv2 hash and we want to crack it.

hashcat --help | grep NTLM

we can see that the value would be 5600 for NTLMv2

that means our hashcat command should be:

hashcat -m 5600 hashes.txt rockyou.txt -O

We can also use their wiki for modules:

to show pass if you already cracked:

hashcat -m 5600 hashes.txt rockyou.txt --show

better password list:

rockyou2021 (90 GB)

Rules:

hashcat -m 5600 hashes.txt rockyou.txt -r OneRule

Smart things to think about:

If the company is in or near Pittsburgh, maybe try passwords related to the Pittsburgh football team!