Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 23 Mar 2006 09:15:43 +0000
From: Hari Sekhon <harisekhon@...il.com>
To:  john-users@...ts.openwall.com
Subject: Re: SYSKEY

naughty boy trying to break into college computers, eh?

I don't think jtr was designed for this.... pwdump certainly wasn't 
since you need to have admin rights to do this in the first place.


Realin wrote:
> Sorry to reply you late guyz.. i was outta town. juz wanted to tell u the
> tools I tried on FTP but none of them is able to remove syskey outta my SAM
> file.
>
> They are different versions of pwdump. but i have no acccess to admin
> account at my college, so cant use pwdump to extract Hash files through
> lssas.exe
>
> help me
>
> thanks and regards!
>
> On 3/20/06, Solar Designer <solar@...nwall.com> wrote:
>   
>> I've been asking this before, but I'll repeat:
>>
>> Whenever you post something on a new topic, please be sure to post it as
>> an entirely new message - _not_ by hitting "Reply" on someone else's
>> posting.  Please also make sure to set a descriptive message Subject.
>>
>> If you see that someone else has not followed this procedure, but you'd
>> like to comment on their message, please change the Subject (like I did
>> now), but do not break the existing thread (so "Reply" to the message).
>>
>> My response to the actual question is below:
>>
>> On Wed, Mar 15, 2006 at 09:35:46PM +0530, Realin wrote:
>>     
>>> guyzz.. i am a new user to list, so a big hi to all.. i have been
>>>       
>> reading
>>     
>>> all the mails since long. well guyz need to ask u something.. I have got
>>>       
>> a
>>     
>>> SAM file with me.. and i wanna crack pass outta that..
>>>
>>> i know it is a noobie woobie question for u, but for me that would be an
>>> achievment.. i have download the binary pack from www.openwall.com and
>>> extracted it, there by i got two folders RUN and DOC, ofcourse i went to
>>> command line and tried using switches with the john-386.exe but was not
>>>       
>> able
>>     
>>> to get anythin useful..
>>>       
>> This is irrelevant to your question, but you should not be using
>> john-386.exe on modern systems.  It is for ancient ones.
>>
>> Use john-mmx.exe instead.
>>
>>     
>>> Simply guide me what do i do with this JOHN if i want to get the  pass
>>>       
>> outta
>>     
>>> this SAM file.. it includes syskey hashes also as i got that SAM file
>>>       
>> from
>>     
>>> some service pack2 machine..
>>>       
>> There's a collection of tools which you can use here:
>>
>> ftp://ftp.openwall.com/pub/projects/john/contrib/win32/pwdump/
>>
>> This includes programs to dump SAM files in PWDUMP format and to undo
>> the effect of SYSKEY.
>>
>> Please let us all know which one(s) of these have worked better for you.
>>
>> I don't "do" Windows myself, so I can't recommend a specific procedure
>> for you to follow.
>>
>> --
>> Alexander Peslyak <solar at openwall.com>
>> GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D
>> 3598
>> http://www.openwall.com - bringing security into open computing
>> environments
>>
>> Was I helpful?  Please give your feedback here:
>> http://rate.affero.net/solar
>>
>> --
>> To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
>> to the automated confirmation request that will be sent to you.
>>
>>
>>     
>
>
> --
> << Realin Wuz Here >>
>
>   

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ