HTB Academy Cracking Passwords with Hashcat: Skills Assessment

Hi everyone,
have anyone cracked down 100% of DC01.inlanefreight.local.ntds hashes?
So far I managed to Recovered…: 731/895 (81.68%) Digests
and the page says, it is possible to crack all hashes.
I tried different rules, wordlists, using crunch, masks, but I
am stuck and can’t progress further.
Any hint or clue what I am missing to use?

About one year old. Anyone ever get back to you on this?

hi. not really.
I’ve moved on. did you get 100% of hash cracked?

I am using the OneRuleToRuleThemAll.rule rule for the last flag.

It’s running pretty well right now, but has anybody finished this last flag and completed the module?

Currently at 563/895: 62.91%

Also, the flag does not ask for any cracked hash in particular:

“After cracking the NTLM password hashes contained in the NTDS.dit file, perform an analysis of the results and find out the MOST common password in the INLANEFREIGHT.LOCAL domain.”

The flag might be found without cracking 100% of the hashes!


Okay, with 563 out of 895 hashes cracked, I was able to solve the puzzle.

If you get anywhere near 563 hashes, you should be able to get the flag.


I’ve already completed this module.
It is more like a personal challenge to crack 100% of passwords as it is says that is possible. I am trying to find which rule or whatever I am missing to achieve this.

If any one is struck in this module, I will make it simple:
copy all the content from the dit file.
paste it here Duplicate Word Finder (
it gives you the count of repeated words
find the most repeated hash and crack it. [This is how you simplify things in real life]
Happy Hacking

1 Like

For last question, keep it simple!
What I did:
-From all the NTDS.dit file you just need NTLM hash, cut it!
-You need the MOST common password, that is the same of the MOST common NTML hash (use uniq --count to get the MOST repeated NTLM hash)
-Crack it!