StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POImplement a Data Structure to Compare NTLM Hashfiles
primarykey
Id
13615217
data
AcceptedAnswerId
14620793
AnswerCount
2
ClosedDate
CommentCount
2
CommunityOwnedDate
CreationDate
2012-11-28T22:04:48.777
FavoriteCount
0
LastActivityDate
2015-05-21T08:56:09.347
LastEditDate
2015-05-21T08:55:20.087
LastEditorUserId
1861357
OwnerUserId
1861357
ParentId
0
PostTypeId
1
Score
0
ViewCount
185
LastEditorDisplayName
text
Body
Currently I'm in the process of simplifying a process for extracting Windows password hashes in security audits. Personally I want to make the process easier to generate a list of recovered users and their passwords when I do an audit. I think it would also be useful for other people who are trying to compare and generate large amounts of data. So here's the gist: When I extract all of the data from the Windows system files, I simplify them down to the format user:hash, where the hash is an NTLM hash such as "a87f3a357d73085c45f9416be5787e86." I then will use oclHashcat and attempt to crack the hashes, whether it be dictionary or brute-force, it doesn't matter. I generate an output of all of the recovered hashes, however Hashcat generates them in the format hash:password. Now here's my problem and what I would like some input on - I want to produce the output as user:password given the two input files. Considering that I can have hundreds of hashes yet only a few recovered passwords, there is no use of trying to order the lists. I am unsure which data structure might benefit me the most. Arrays were too inefficient for large tables. I've looked into serialization and I've been exploring the use of Hash Maps and Hash Tables. Given the size of the hash, I haven't had any luck implementing either of these methods, or I'm doing so incorrectly. Currently I'm running the program like so: <pre><code>program [user:hash file] [hash:password file] -o [user:password output] </code></pre> And I'm effectively trying to run the program like so (briefly): <pre><code>Load Files // user:hash file For each line, split by ':' delimiter before delimiter = table1.user after delimiter = table1.hash // hash:password file For each line, split by ':' delimiter before delimiter = table2.hash after delimiter = table2.password // generate user:password file Check each entry of table1 vs table2 if table1.hash = table2.hash table1.user = output.user table2.password = output.password print to output "output.user:output.password" </code></pre> I am only trying to figure out an efficient method for tracing through each line and extracting the necessary data into a data structure that I can easily trace through. If I need to clarify anything, please let me know. Any help is appreciated!
Tags
<shell><hash><password-recovery>
Title
Implement a Data Structure to Compare NTLM Hashfiles
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USSignus
UserOwnerUserId
1. USSignus
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. This table or related slice is empty.
CommentsPostId
1. COCould you give more detail on the problems you have been having with hashes? Also, why are you implementing your hashes rather than using the ones in the stl?
 singulars
 PostPostId
 POImplement a Data Structure to Compare NTLM Hashfiles
 UserUserId
 USRonaldBarzell
2. COWell I think I was implementing them incorrectly to begin with. But then I started to wonder if there were any other better ways of storing that data. The reason I use my hashes is because they are an output from Hashcat and other software, and I need those for comparison.
 singulars
 PostPostId
 POImplement a Data Structure to Compare NTLM Hashfiles
 UserUserId
 USSignus

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.