#hashcat

Will Hunt<p>Top <a href="https://infosec.exchange/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcat</span></a> tip:</p><p>Want per-position duplication in your rules to leverage your GPU?</p><p>It's not available in a single op, but you can emulate it by incrementally duplicating the first N chars, and then incrementally deleting the position and frequency of the redundant characters</p><p><a href="https://infosec.exchange/tags/password" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>password</span></a> <a href="https://infosec.exchange/tags/passwordcracking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>passwordcracking</span></a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a></p>
Cyclone<p>New version of <a href="https://infosec.exchange/tags/hashgen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashgen</span></a> published.</p><p>Changelog:<br>v1.1.0; 2025-03-19<br>added modes: <a href="https://infosec.exchange/tags/base58" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>base58</span></a>, <a href="https://infosec.exchange/tags/argon2id" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>argon2id</span></a>, <a href="https://infosec.exchange/tags/bcrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bcrypt</span></a> w/custom cost factor</p><p><a href="https://forum.hashpwn.net/post/89" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">forum.hashpwn.net/post/89</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/hashgenerator" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashgenerator</span></a> <a href="https://infosec.exchange/tags/hashcracking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcracking</span></a> <a href="https://infosec.exchange/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcat</span></a> <a href="https://infosec.exchange/tags/hashpwn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashpwn</span></a> <a href="https://infosec.exchange/tags/cyclone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cyclone</span></a> <a href="https://infosec.exchange/tags/golang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>golang</span></a></p>
Nagaram<p>So I want to make a script that generates a whole slew of generic NTLMv2 hashes for me to try to crack with Hashcat. </p><p>I'm doing NTLMv2 because it's actually relevant to my job right now and seems to be the only one I can't find a python script for.</p><p>Any recs for how I can do this?</p><p><a href="https://hachyderm.io/tags/cryptography" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cryptography</span></a> <a href="https://hachyderm.io/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcat</span></a> <a href="https://hachyderm.io/tags/kali" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kali</span></a> <a href="https://hachyderm.io/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p>
Cyclone<p>Installing the official Nvidia CUDA-toolkit on linux distros can be a pain. Here's a script that automates this so you can get back to cracking hashes.</p><p><a href="https://forum.hashpwn.net/post/451" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">forum.hashpwn.net/post/451</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/nvidia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nvidia</span></a> <a href="https://infosec.exchange/tags/cuda" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cuda</span></a> <a href="https://infosec.exchange/tags/cudatoolkit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cudatoolkit</span></a> <a href="https://infosec.exchange/tags/hashpwn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashpwn</span></a> <a href="https://infosec.exchange/tags/hashcracking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcracking</span></a> <a href="https://infosec.exchange/tags/cyclone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cyclone</span></a> <a href="https://infosec.exchange/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcat</span></a></p>
Cyclone<p>After seeing yescrypt hashes appear in CMIYC a while back, I started developing a yescrypt cracker in pure Go. Since then, yescrypt has become the default /etc/shadow hash for many popular linux distros such as Debian, Ubuntu, RHEL, Fedora, and Arch (to name a few), but hash cracking support for this algo has been limited to JtR -- until now.</p><p>Here's a sneak peek of the yescrypt_cracker POC: </p><p><a href="https://forum.hashpwn.net/post/446" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">forum.hashpwn.net/post/446</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/yescrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>yescrypt</span></a> <a href="https://infosec.exchange/tags/hashcracking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcracking</span></a> <a href="https://infosec.exchange/tags/cyclone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cyclone</span></a> <a href="https://infosec.exchange/tags/hashpwn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashpwn</span></a> <a href="https://infosec.exchange/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcat</span></a> <a href="https://infosec.exchange/tags/cmiyc" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cmiyc</span></a> <a href="https://infosec.exchange/tags/jtr" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>jtr</span></a> <a href="https://infosec.exchange/tags/johntheripper" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>johntheripper</span></a> <a href="https://infosec.exchange/tags/golang" class="mention hashtag" rel="nofollow noopener noreferrer" 
target="_blank">#<span>golang</span></a></p>
Royce Williams<p>Good breakdown from Elcomsoft on 5090 relevance to password cracking.</p><p>tl;dr better in theory, not yet in practice (perf/$). Not yet sure if driver or hashcat improvements could eventually take better advantage of new hardware features, though.</p><p><a href="https://blog.elcomsoft.com/2025/02/nvidia-blackwell-is-out-should-you-upgrade/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.elcomsoft.com/2025/02/nvi</span><span class="invisible">dia-blackwell-is-out-should-you-upgrade/</span></a></p><p><a href="https://infosec.exchange/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcat</span></a></p>
Royce Williams<p>The hashcat.net site is down -- side effect of maintenance by hosting provider. Being worked.<br>[Edit: back up a week later]</p><p>Current release (GitHub): <a href="https://github.com/hashcat/hashcat/releases/tag/v6.2.6" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/hashcat/hashcat/rel</span><span class="invisible">eases/tag/v6.2.6</span></a></p><p>Convenience Wayback links:</p><p><strong>Main page</strong>: <br><a href="https://web.archive.org/web/20250211000850/hashcat.net/hashcat/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">web.archive.org/web/2025021100</span><span class="invisible">0850/hashcat.net/hashcat/</span></a></p><p><strong>Rules</strong>: <br><a href="https://web.archive.org/web/20250211234251/https://hashcat.net/wiki/doku.php?id=rule_based_attack" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">web.archive.org/web/2025021123</span><span class="invisible">4251/https://hashcat.net/wiki/doku.php?id=rule_based_attack</span></a></p><p><strong>Example hashes</strong> :<br><a href="https://web.archive.org/web/20250216060927/https://hashcat.net/wiki/doku.php?id=example_hashes" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">web.archive.org/web/2025021606</span><span class="invisible">0927/https://hashcat.net/wiki/doku.php?id=example_hashes</span></a></p><p><strong>FAQ</strong>: <br><a href="https://web.archive.org/web/20250219024304/https://hashcat.net/wiki/doku.php?id=frequently_asked_questions" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">web.archive.org/web/2025021902</span><span 
class="invisible">4304/https://hashcat.net/wiki/doku.php?id=frequently_asked_questions</span></a></p><p>Recent beta:<br><a href="https://web.archive.org/web/20250130114639/https://hashcat.net/beta/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">web.archive.org/web/2025013011</span><span class="invisible">4639/https://hashcat.net/beta/</span></a></p><p><span class="h-card" translate="no"><a href="https://infosec.exchange/@hashcat" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>hashcat</span></a></span> <a href="https://infosec.exchange/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcat</span></a></p>
Royce Williams<p>Did you know that Gitea uses pbkdf2 hashes, but they have to be converted for hashcat to crack them? </p><p>Hashcat's own unix-ninja has written a tool for that!</p><p><a href="https://www.unix-ninja.com/p/cracking_giteas_pbkdf2_password_hashes" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">unix-ninja.com/p/cracking_gite</span><span class="invisible">as_pbkdf2_password_hashes</span></a></p><p><a href="https://infosec.exchange/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcat</span></a></p>
Royce Williams<p>Great coverage by Jan Doskočil of NSEC3 hash enumeration, and cracking with hashcat. Also good info about the limits of making that harder (some resolvers cap the work factor they will resolve!)</p><p><a href="https://infosec.exchange/@jpmens@mastodon.social/114019491327504188" translate="no" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@jpmens@masto</span><span class="invisible">don.social/114019491327504188</span></a></p><p>Via <span class="h-card" translate="no"><a href="https://mastodon.social/@jpmens" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>jpmens</span></a></span> </p><p><a href="https://infosec.exchange/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNS</span></a> <a href="https://infosec.exchange/tags/NSEC3" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NSEC3</span></a> <a href="https://infosec.exchange/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcat</span></a></p>
alip<p><a href="https://mastodon.online/tags/sydbox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sydbox</span></a> 3.32.0 is released! We now officially support <a href="https://mastodon.online/tags/GPU" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GPU</span></a> access for <a href="https://mastodon.online/tags/ROCm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ROCm</span></a> and <a href="https://mastodon.online/tags/nVIDIA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nVIDIA</span></a>! See the release mail here: <a href="https://is.gd/kN1rUt" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">is.gd/kN1rUt</span><span class="invisible"></span></a> and here is a profile auto-generated by <a href="https://mastodon.online/tags/pandora" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pandora</span></a> for <a href="https://mastodon.online/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcat</span></a> accessing an <a href="https://mastodon.online/tags/nVIDIA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nVIDIA</span></a> <a href="https://mastodon.online/tags/GPU" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GPU</span></a> using <a href="https://mastodon.online/tags/cuda" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cuda</span></a> libraries: <a href="https://dpaste.com/6DQ97T2DM" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">dpaste.com/6DQ97T2DM</span><span class="invisible"></span></a> <a href="https://mastodon.online/tags/exherbo" class="mention hashtag" rel="nofollow noopener 
noreferrer" target="_blank">#<span>exherbo</span></a> <a href="https://mastodon.online/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a> <a href="https://mastodon.online/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a></p>
sekurak News<p>Password cracking 35% faster. Results from the latest NVIDIA RTX 5090 card.</p><p>A benchmark has just appeared showing the speed of NVIDIA's latest flagship, the RTX 5090 FE. All of this, of course, in the context of the flagship ;) password recovery/cracking tool, hashcat. Sample comparisons with the RTX 4090: Driver updates are probably still to come, which will affect hashcat's speed. Do these speeds affect current recommendations...</p><p><a href="https://mastodon.com.pl/tags/WBiegu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WBiegu</span></a> #5090 <a href="https://mastodon.com.pl/tags/Awareness" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Awareness</span></a> <a href="https://mastodon.com.pl/tags/Hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hashcat</span></a> <a href="https://mastodon.com.pl/tags/Has%C5%82a" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hasła</span></a> <a href="https://mastodon.com.pl/tags/Nvidia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nvidia</span></a></p><p><a href="https://sekurak.pl/lamanie-hasel-szybsze-o-35-wyniki-najnowszej-karty-nvidia-rtx-5090/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">sekurak.pl/lamanie-hasel-szybs</span><span class="invisible">ze-o-35-wyniki-najnowszej-karty-nvidia-rtx-5090/</span></a></p>
Cyclone<p>Nvidia RTX 5090 hashcat benchmarks.</p><p><a href="https://forum.hashpwn.net/post/391" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">forum.hashpwn.net/post/391</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcat</span></a> <a href="https://infosec.exchange/tags/nvidia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nvidia</span></a> <a href="https://infosec.exchange/tags/rtx5090" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>rtx5090</span></a> <a href="https://infosec.exchange/tags/hashcracking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcracking</span></a> <a href="https://infosec.exchange/tags/hashpwn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashpwn</span></a></p>
Aaron Toponce ⚛️:debian:<p>Do we have any updated <a href="https://fosstodon.org/tags/password" class="mention hashtag" rel="tag">#<span>password</span></a> cracking benchmarks with <a href="https://fosstodon.org/tags/Hashcat" class="mention hashtag" rel="tag">#<span>Hashcat</span></a> on the new NVIDIA RTX 5000-series GPUs?</p><p><a href="https://fosstodon.org/tags/passwords" class="mention hashtag" rel="tag">#<span>passwords</span></a></p><p>Ping: <span class="h-card" translate="no"><a href="https://infosec.exchange/@tychotithonus" class="u-url mention">@<span>tychotithonus</span></a></span></p>
patpro<p>1236 emails sent to as many users whose passwords I was able to crack during an audit.<br>If all goes well, I'll have some reading to do tomorrow.</p><p><a href="https://mastodon.green/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcat</span></a> <a href="https://mastodon.green/tags/JohnTheRipper" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>JohnTheRipper</span></a> <a href="https://mastodon.green/tags/motdepasse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>motdepasse</span></a> <a href="https://mastodon.green/tags/RSSI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RSSI</span></a></p>
Erik van Straten<p><span class="h-card" translate="no"><a href="https://social.bau-ha.us/@CCC" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>CCC</span></a></span> : from the article:</p><p>"A simple sentence like „IchLiebeEsGegenFaschistenZuDemonstrieren!“ is more secure than „Mb2.r5oHf-0t“.<br>Long sentences are easy to remember and type, but hard to crack."</p><p> 🚨 That is WRONG. 🚨</p><p>Once it is in a "dictionary", such as "Rockyou" [1], the length does not matter.</p><p>[1] E.g. <a href="https://dekisoft.com/rockyou-txt-gz-password-list-download/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">dekisoft.com/rockyou-txt-gz-pa</span><span class="invisible">ssword-list-download/</span></a></p><p>The safest approach is to use a password manager with a randomly generated password for every account.</p><p>More info (English): <a href="https://infosec.exchange/@ErikvanStraten/113022180851761038" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ErikvanStrat</span><span class="invisible">en/113022180851761038</span></a>; with Android screenshot: <a href="https://infosec.exchange/@ErikvanStraten/113549056619471557" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ErikvanStrat</span><span class="invisible">en/113549056619471557</span></a>.</p><p>Passkeys are unfortunately still unsuitable: <a href="https://infosec.exchange/@ErikvanStraten/113832302818012852" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ErikvanStrat</span><span class="invisible">en/113832302818012852</span></a>.</p><p>Password "cracking" with hashcat and an NVidia video card: <a 
href="https://gist.github.com/ZephrFish/b849331aafa015ddd7786ca20ce718d7" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gist.github.com/ZephrFish/b849</span><span class="invisible">331aafa015ddd7786ca20ce718d7</span></a>.</p><p>Edit 17:25: examples from RockYou2021.txt (~90MB) in <a href="https://infosec.exchange/@ErikvanStraten/113923644127405769" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ErikvanStrat</span><span class="invisible">en/113923644127405769</span></a>.</p><p>(Forgive the grammatical case errors, a Dutchman here).</p><p><a href="https://infosec.exchange/tags/Passwords" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passwords</span></a> <a href="https://infosec.exchange/tags/Passwoerter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passwoerter</span></a> <a href="https://infosec.exchange/tags/Rockyou" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Rockyou</span></a> <a href="https://infosec.exchange/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcat</span></a></p>
Cyclone<p>🚀 New Release: crackmon v0.2.0</p><p>Details: Hashcat wrapper for bypassing current session if crack rate falls below threshold.</p><p><a href="https://forum.hashpwn.net/post/79" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">forum.hashpwn.net/post/79</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/crackmon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>crackmon</span></a> <a href="https://infosec.exchange/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcat</span></a> <a href="https://infosec.exchange/tags/hashpwn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashpwn</span></a> <a href="https://infosec.exchange/tags/hashcracking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcracking</span></a> <a href="https://infosec.exchange/tags/cyclone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cyclone</span></a> <a href="https://infosec.exchange/tags/golang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>golang</span></a></p>
Angerman 🦅<p>While I am at it anyway; <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Phishing</span></a> meets <a href="https://infosec.exchange/tags/SMB" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SMB</span></a>: Exploiting network trust to capture <a href="https://infosec.exchange/tags/NTLM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NTLM</span></a> hashes (<a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a> fun)</p><p>One effective phishing method leverages SMB connections to capture <a href="https://infosec.exchange/tags/NetNTLM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetNTLM</span></a> hashes for offline <a href="https://infosec.exchange/tags/cracking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cracking</span></a>, providing attackers with credentials for the next phase (for example social engineering or other tech attacks). Oh; BIT B.V. (bit.nl) did send me a set of abuse mails, … sorry 😆 … but very nice and thx 🙏🏼, anyway;</p><p>Exploit Path: Initial Phishing Vector: The attack starts with a phishing email or download website or something something, containing a payload (e.g., a malicious document or shortcut file, whatever, choose your poison). </p><p>The payload initiates an SMB request to the attacker-controlled server (`\\&lt;C2IP&gt;\share`), tricking the victim’s system into authenticating with it. Modern browsers like edge won’t fly; you need to get a bit more creative to execute this and no it’s not a hyperlink. Think Java. Or macro (although; meh). </p><p>Then we have SMB Request Redirection: Tools like Responder on the attacker’s C2 server capture NetNTLMv2 hashes during these authentication attempts. 
This works over IPv4 and IPv6, with IPv6 often prioritized in networks and less monitored. Hence <a href="https://infosec.exchange/tags/mitm6" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mitm6</span></a>. But that’s another story. </p><p>Captured hashes are cracked offline using tools like <a href="https://infosec.exchange/tags/Hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hashcat</span></a>, potentially giving credentials for further attacks. It’s also an excuse for my new RTX 5090 card. 😉</p><p>Observations from recent penetration tests where I executed this attack; </p><p>-Firewall Rules: not existing … at all. 🥹<br>Many environments have outbound 'any-any' rules on firewalls, even on critical nets like Citrix farms. This unrestricted outbound traffic allows SMB authentication requests to reach attacker-controlled servers on the internet. And there is something with remote workers and open internet access lately… <br>-<a href="https://infosec.exchange/tags/Azure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Azure</span></a> and <a href="https://infosec.exchange/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> Gaps, here we go again (see <a href="https://lnkd.in/g2ctMEDG" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">lnkd.in/g2ctMEDG</span><span class="invisible"></span></a>); 2FA exclusions are another common issue:<br>- Trusted locations (e.g., `192.168.x.x` or specific IP ranges) configured to bypass 2FA/MFA.. intended to improve usability, such exclusions can be exploited once an attacker gains access to these "trusted" locations; simply put a VM inside a 192.168 range and chances are…. Good. 
</p><p>These misconfigurations reduce the effectiveness of otherwise robust security measures like MFA and firewall segmentation, giving attackers unnecessary opportunities.</p><p>The Takeaway: Attackers thrive on overlooked gaps in configuration. Whether it's outbound "any-any" firewall rules or MFA bypasses for trusted locations, these lapses provide unnecessary pathways for compromise. By combining phishing, SMB exploitation, and tools like Responder, we can target foundational weaknesses in even hybrid environments. I’ve seen soc’s only respond after mission target; because most are monitoring just on the endpoint (EDR/XDR), poorly.</p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Phishing</span></a> <a href="https://infosec.exchange/tags/SMB" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SMB</span></a> <a href="https://infosec.exchange/tags/NTLM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NTLM</span></a> <a href="https://infosec.exchange/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MFA</span></a> <a href="https://infosec.exchange/tags/FirewallSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FirewallSecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> </p><p>The meme is absolutely intended as shitposting. Sorry 🤣</p>
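A defender-side check for the outbound-SMB exposure described in the post above, added here as an example and not part of the original post: it scans flow-log lines for TCP 139/445 leaving internal ranges over IPv4 or IPv6. The log format, the internal prefixes and the sample lines are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

SMB_PORTS = {139, 445}  # NetBIOS session service and SMB over TCP

# Assumption: the organisation's internal prefixes. Replace with your own.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918
    "fc00::/7",   # IPv6 unique local
    "fe80::/10",  # IPv6 link-local
)]

# Constructed sample in a hypothetical format:
#   timestamp src dst proto dport action
SAMPLE_FLOWS = """\
2025-01-20T09:14:02Z 10.20.30.41 10.20.1.5 tcp 445 allow
2025-01-20T09:14:07Z 10.20.30.41 203.0.113.77 tcp 445 allow
2025-01-20T09:15:11Z 10.20.30.52 198.51.100.9 tcp 443 allow
2025-01-20T09:16:40Z fd00:20::52 2001:db8:beef::10 tcp 445 allow
2025-01-20T09:17:03Z 10.20.30.60 203.0.113.77 tcp 139 deny
2025-01-20T09:18:00Z fe80::1c2 fe80::1 tcp 445 allow
2025-01-20T09:19:00Z not-an-ip 203.0.113.77 tcp 445 allow
malformed line here
"""


def parse_flow(line):
    """Return a flow dict, or None for lines that do not parse."""
    parts = line.split()
    if len(parts) != 6:
        return None
    ts, src, dst, proto, dport, action = parts
    try:
        return {
            "ts": ts,
            "src": ipaddress.ip_address(src),
            "dst": ipaddress.ip_address(dst),
            "proto": proto.lower(),
            "dport": int(dport),
            "action": action.lower(),
        }
    except ValueError:  # bad address or port
        return None


def is_internal(addr):
    """True if addr falls inside one of the configured internal prefixes."""
    return any(addr.version == net.version and addr in net
               for net in INTERNAL_NETS)


def find_external_smb(lines):
    """Flows where an internal host speaks SMB to a non-internal address."""
    findings = []
    for line in lines:
        flow = parse_flow(line)
        if flow is None:
            continue
        if (flow["proto"] == "tcp" and flow["dport"] in SMB_PORTS
                and is_internal(flow["src"])
                and not is_internal(flow["dst"])):
            findings.append(flow)
    return findings


def summarize(findings):
    """Group findings per source host.

    'allowed' means the egress policy let the connection out, so an NTLM
    authentication could have reached the remote server. 'denied' means the
    firewall blocked it, but the host still tried and deserves a look.
    """
    per_src = defaultdict(
        lambda: {"allowed": 0, "denied": 0, "destinations": set()})
    for f in findings:
        entry = per_src[str(f["src"])]
        entry["allowed" if f["action"] == "allow" else "denied"] += 1
        entry["destinations"].add(str(f["dst"]))
    return {src: {**e, "destinations": sorted(e["destinations"])}
            for src, e in per_src.items()}


if __name__ == "__main__":
    report = summarize(find_external_smb(SAMPLE_FLOWS.splitlines()))
    for src, info in sorted(report.items()):
        print(f"{src}: allowed={info['allowed']} denied={info['denied']} "
              f"-> {', '.join(info['destinations'])}")
```

Any source with a non-zero allowed count points at an egress rule that should be tightened to block TCP 139/445 towards the internet, for both address families.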
patpro<p>Eyes bigger than the stomach.</p><p><a href="https://mastodon.green/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcat</span></a> <a href="https://mastodon.green/tags/motdepasseoublie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>motdepasseoublie</span></a></p>
toto<p>Together with <span class="h-card" translate="no"><a href="https://fosstodon.org/@chriseth" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>chriseth</span></a></span>, successfully completed the <span class="h-card" translate="no"><a href="https://chaos.social/@winkekatze" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>winkekatze</span></a></span> <a href="https://social.mrtoto.net/tags/TelnetKlartextReden" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TelnetKlartextReden</span></a> challenge at the end of day 3. And made the M4 MBP sweat a little with <a href="https://social.mrtoto.net/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcat</span></a> 🐱</p><p><a href="https://chaos.social/@winkekatze/113739483146611341" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">chaos.social/@winkekatze/11373</span><span class="invisible">9483146611341</span></a></p>
Royce Williams<p>For folks (kindly) reporting that the hashcat.net cert has expired - apologies, and it's been escalated (no ETA yet, though)</p><p><a href="https://infosec.exchange/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hashcat</span></a></p>