shuck.sh

Note:
This Hash-Shucking tool can be used to convert any input token from a supported format, to its other formats, and maybe even get the NT-hash directly!
The most optimized format for crack.sh and/or for Hashcat is delivered if the NT-hash is not obtained through the HIBP database (to pay-less / save time).
All the details (PT, K, CT, challenges) of the algorithmic dissection of the token are provided.
Click on the "[+]" of a line to get all token's details.
To use Hash-Shucking on-premise, without CAPTCHA nor limitation of the number of tokens to analyze, it is recommended to deploy the tool from GitHub.

Compatibility & Formats:
The output results are in various formats summarized in the following table with their tool's compatibility.

Token Format	Type	Shuck.sh	Crack.sh	HashCat	Description
login::domain:lmresp:ntresp:clientChall :::[a-fA-F\d]{48}:[a-fA-F\d]{48}:[a-fA-F\d]{16} Prefix: N/A / Delimiter: ":" / Hex / Optional login, domain, lmresp	NetNTLMv1-noESS/SSP	Ready to be shucked freely!	Incompatible format / requires conversion	Yes, mode 5500 / 27000 or 14000	NET(NT)LM hashes captured with a random challenge without ESS/SSP.
login::domain:lmresp(serverChall+0padding):ntresp:clientChall :::[a-fA-F\d]{16}[0]{32}:[a-fA-F\d]{48}:[a-fA-F\d]{16} Prefix: N/A / Delimiter: ":" / Hex / Optional login, domain	NetNTLMv1-ESS/SSP	Ready to be shucked freely!	Incompatible format / requires conversion	Yes, mode 5500 / 27000 or 14000	NET(NT)LM hashes captured with a random challenge with ESS/SSP (server challenge in LMresp with 0's padding).
(LM\|NT)HASH:ntresp (LM\|NT)HASH:[a-fA-F\d]{48} Prefix: (LM\|NT)HASH / Delimiter: ":" / Hex	NET(NT)LM	Ready to be shucked freely!	FREE/$20-$200	Incompatible format / requires conversion	NET(NT)LM with the 1122334455667788 challenge without ESS/SSP.
$NET(NT)?LM$challenge$ntresp $NET(NT)?LM$[a-fA-F\d]{16}$[a-fA-F\d]{48} Prefix: $NET(NT)?LM$ / Delimiter: "$" / Hex	NET(NT)LM	Ready to be shucked freely!	$20-$200	Incompatible format / requires conversion	NET(NT)LM hashes captured with a random challenge.
$99$*b64encode(hex2bin(challenge+{ntresp=CT1+CT2+PT3*}) $99$[a-zA-Z\d\+/]{35}= Prefix: $99$ / Delimiter: "$" / Base64	ChapCrack	Ready to be shucked freely!	$20-$200	Incompatible format / requires conversion	PPTP VPN and WPA-Enterprise MSCHAPv2 authentication captures.
$MSCHAPv2$challenge$ntresp$(login)? $MSCHAPv2$[a-fA-F\d]{16}$[a-fA-F\d]{48}$* Prefix: $MSCHAPv2$ / Delimiter: "$" / Hex / Optional username	MSCHAPv2	Ready to be shucked freely!	Incompatible format / requires conversion	Incompatible format / requires conversion	PPTP VPN and WPA-Enterprise MSCHAPv2 authentication captures.

How to convert formats?
To convert an authentication token from one format to another, simply submit it freely to the Hash-Shucking module or use the Converter to follow algorithm's dissection.

Shuck hash before trying to crack it

Get Shucking

Get Shucking

PUT YOUR AUTHENTICATION TOKENS HERE (1 per line)!
Current HIBP NT-Hash wordlist used : pwned-passwords-ntlm-reversed-ordered-by-hash-v8.bin (#Hash candidates : 847,223,402). Max token length: 255, and max number of tokens submited at once: 100.