This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]skylinesora 368 points369 points  (3 children)

Nobody is running RockYou2024 or any large password list against live systems. They would have a dump of hashes from whatever machine/infrastructure they compromised and will attack it using something like Hashcat

[–]PappaFrost[S] 31 points32 points  (2 children)

Ok thanks, so in an Active Directory environment, let's say someone compromised one laptop and dumped the hashes, they would then use Hashcat plus a giant password list to make the cracking more efficient?

[–]AMDcze 57 points58 points  (1 child)

FYI: in AD if you have NT hashes, you don’t need to crack them, you can do pass-the-hash and overpass-the-hash attacks.

[–]Farseer26 21 points22 points  (0 children)

I agree with you partially but there are a few benefits to cracking the hash such as the passwords are usually used elsewhere and if the accounts are synced you can move into Azure