ghostcom
commented
8 years ago So I haven't looked into the format_ophc error, but I assume it's similar to the format_john issue. As the error states, it's only getting 3 parameters passed. In dsusers.py, you'll see:
sys.stdout.write("\n\t" + format_john(user.SAMAccountName,nt,'NT')
ntof.writelines(format_john(user.SAMAccountName,nthash,'NT')
format_john's definition is expecting 4 arguments. As shown above, the SID is missing from each of the format_john statements. you can correct this by adding user.SID as an argument:
format_john(user.SAMAccountName,str(user.SID),nthash,'NT')
save your changes (making sure you update all locations) and it should output the hashes correctly when --pwdformat john is specified
python dsusers.py ~/Desktop/1/datatable.3 ~/Desktop/1/link_table.5 ~/Desktop/1/temp/ --passwordhashes --syshive ~/Desktop/1/SYSTEM --pwdformat john --lmoutfile ~/Desktop/lm --ntoutfile ~/Desktop/nt
if running this, i get the following
Password hashes:[!] Error! format_john() takes exactly 4 arguments (3 given)
I get the same error if U use --pwdformat ophc
if I change to --pwdformat ocl - runs but generates no data
am I missing something?