Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Order Openwall Wordlists CD (20+ languages) with delivery worldwide or download
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Fri, 7 Apr 2006 02:51:44 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: new at this cracker business

Jay,

Please try to quote less context in your responses.  Please only quote
whatever is relevant.  E-mail signatures of people, for example, and not
relevant to responses.

On Thu, Apr 06, 2006 at 10:10:32PM +0000, jay rubin wrote:
> The accounts were SUPPORT_388945a0, Guest, Jay:2, Jay:1, Administrator and 
> HelpAssistant:2.  I figure the last password might have been 
> HelpAssistant:1.

Those with ":1" and ":2" are not separate accounts.  They refer to LM
hash halves for the accounts.

While the output of John cracking sessions can be informative, that's
not what you should be using to obtain the cracked passwords.  Use
"john --show SAM.txt" instead - this will combine the halves for you.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux