Hello its me, i was having a bit of trouble figuring this one out…because i wasnt thinking, but if you need help let me expand on the hints that HTB gives you. Hint #1: Though hashid and other hash identifiers tell you its MD5, its actually NTML (this messed me up for a solid hour and a half, suuper fun) Hint #2: HTB tells you to “…use one of the Hashcat built-in rule sets or hybrid mode.” you can go to Working with Rules >> Hashcat - Default Rules oooor you can mess around with hybrid, Hybrid Mode >> Hashcat - Hybrid Attack using Wordlists.
First off i apologize for the late reply, I’ve been off due to extenuating personal reasons.
For the first part where you use the leetspeak.rule, the rockyou.txt (i guess now needs to be extracted) you should be able to find one thats not in a tar ball at /usr/share/wordlists/rockyou.txt.gz which is in a GZIP file format that you will HAVE TO extract.
I did mine to the /home/htb-ac-1139223/Downloads/rockyou.txt
After that it should look something like so:
hashcat -a 0 -m 1000 7106812752615cdfe427e01b98cd4083 /home/htb-ac-1139223/Downloads/rockyou.txt -r /usr/share/hashcat/rules/{…}
Follow to the Default rules subsection in the Working with Rules area in this room and just plug in going down the list there. Youll get a couple errors for the first few rule lists but keep at it and youll find your answer!
Hope this helps
-Reiu
