Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Sat, 12 Nov 2011 11:15:03 +0100
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: NTLM challenge/response cracking (again...) (was: [john-users])

2011-11-11 23:38, Solar Designer wrote:
>> password: welcome103
>>
>> username:::19448aa9bd58a2adb6e690256fae100d47456f959bb61fa1:e6b41f380a23789abedd5a701c1c32bd0101000000000000:d3c4518b1ae3f15a
> 
> this Google web search:
> 
> http://www.google.com/search?q=ntlm+0101000000000000
> 
> suggests that you have NTLMv2 here.  In JtR's NETNTLMv2_fmt_plug.c you
> can see that test vectors do indeed include the username.  So please try
> to format your sample according to those and include the right username
> and domain, then let john-users know what happens.

(Moved to john-dev) I just submitted a patch that stops John from
recognising this type of badly formed l0phtcrack-format input as
LMv1/NTLMv1.

magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ