I'm using fgdump to dump passwords on a Windows 7 x64 PC, I then use the -f option in rcarcki_mt and specify the file .pwdump file previously created. rcracki_mt outputs invalid LM/NTLM hash. If I open the .pwdump file and select the last part of the hash and use the -h option in rcracki_mt it will attempt to crack using NTML raindows tables. It seems that rcacki_mt cant distingish LM vs. NTLM/NT hashes. Attached is a sample .pwdump file. Again if I specify the hash of B9E0CFCEAF6D077970306A2FD88A7C0A using NTLM tables it will attempt to crack the password.
Log in to post a comment.