[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 11 Mar 2006 05:16:53 +0000
From: "hadzijj qwerty" <hadzijj@...mail.com>
To: john-users@...ts.openwall.com
Subject: Re: does john crack xp passwords correctly?
>On Sat, Mar 11, 2006 at 04:46:04AM +0000, hadzijj qwerty wrote:
> > In the meantime I found another thing that I'd like to ask about. You
>wrote
> > about letter "M" that john didn't check if it's lower or upper-case. So
> > when it will finish looking for the first 7 chars of my password will
>their
> > case be unknown as well?
>
>Yes. The case of characters is unimportant for determining whether a
>given Windows password is weak or not.
>
>However, if you're cracking those passwords for another purpose, you may
>apply the unofficial NTLM hashes support patch to John, then have it
>guess the proper case of characters in passwords it would have cracked
>based on LM hashes.
>
>JtR 1.7 includes the following hack in the default john.conf:
[..]
Thanks.
> > $ dpkg -l | grep john
> > ii john 1.6-39 active
> > password cracking tool
> >
> > It looks that my debian would like to argue with you :)
>
>No, everything is in agreement now. You've been using version 1.6-39 of
>the Debian package (which is Debian's 39th revision of the package of
>John 1.6), not John version 1.6.39. Those two are entirely different
>versions.
I haven't known that :)
Thanks a lot,
Hadzij
_________________________________________________________________
Don't just search. Find. Check out the new MSN Search!
http://search.msn.com/
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux -
Powered by OpenVZ