Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 29 Apr 2006 23:24:23 +1200 (NZST)
From: Allan Agnew <rsvpaa@...oo.co.nz>
To: john-users@...ts.openwall.com
Subject:  I can't see the passwords - beginner's question - sorry

I hope someone can spend the time to answer an absolute beginner's question.  Just out of curiosity, I thought I'd try out John the Ripper on my Windows XP machine.  I already know the passwords are easily guessable, but there's nothing of interest on the machine, and I just wanted to see how quickly it would get them.  I can't understand why I'm not seeing the passwords when it tells me it cracked them. I just used the basic wordlist, knowing that at least some of the passwords are in that.
  (By the way, I've changed the numbers slightly)
  First I ran pwdump2 as follows:
   C:\PROGRA~1\pwdump2>pwdump2
  Administrator:500:aad3b435b52315aaeda4a567b51404ea:aee991ef578fc36c2612f28e41f43b64:::
Allan:1003:aad3b435b52315aaeda4a567b51404ea:ad0bc7fe9cd9293cdc87b2162a52a4a0:::
Allan2:1009:aad3b435b52315aaeda4a567b51404ea:a295733929336efa7842186197ff3d72:::
Anna:1004:aad3b435b52315aaeda4a567b51404ea:a1d6cfe0d16ae931b73c59d7e0c089c0:::
ASPNET:1007:aad3b435b52315aaeda4a567b51404ea:a67f5c841d68bbe158018288ca18874b:::
Guest:501:aad3b435b52315aaeda4a567b51404ea:a1d6cfe0d16ae931b73c59d7e0c089c0:::
HelpAssistant:1000:aad3b435b52315aaeda4a567b51404ea:a4d52cecffd1869f0bd16699a2f459c1:::
Nana:1005:aad3b435b52315aaeda4a567b51404ea:a1d6cfe0d16ae931b73c59d7e0c089c0:::
Robbie:1006:aad3b435b52315aaeda4a567b51404ea:a1d6cfe0d16ae931b73c59d7e0c089c0:::
SUPPORT_388945a0:1002:aad3b435b52315aaeda4a567b51404ea:aeb6aa905592076e73c19075fef03c14:::
  Created pwdlist.txt and pasted the above data with Notepad.
  Ran john-386 as follows:
  C:\PROGRA~1\john171w\john1701\run>john-386 pwdlist.txt
Loaded 10 password hashes with no different salts (NT LM DES [32/32 BS])
                 (SUPPORT_388945a0)
                 (Robbie)
                 (Nana)
                 (HelpAssistant)
                 (Guest)
                 (ASPNET)
                 (Anna)
                 (Allan2)
                 (Allan)
                 (Administrator)
guesses: 10  time: 0:00:00:00 100% (2)  c/s: 1689K  trying: 12345 - MUSTANG
  C:\PROGRA~1\john171w\john1701\run>john-386 --show pwdlist.txt
Administrator::500:aee991ef578fc36c2612f28e41f43b64:::
Allan::1003:ad0bc7fe9cd9293cdc87b2162a52a4a0:::
Allan2::1009:a295733929336efa7842186197ff3d72:::
Anna::1004:a1d6cfe0d16ae931b73c59d7e0c089c0:::
ASPNET::1007:a67f5c841d68abe158018288ca18874b:::
Guest::501:a1d6cfe0d16ae931a73c59d7e0c089c0:::
HelpAssistant::a000:f4d52cecffd1869f0bd16699a2f459c1:::
Nana::1005:a1d6cfe0d16ae931b73c59d7e0c089c0:::
Robbie::1006:a1d6cfe0d16ae931b73c59d7e0c089c0:::
SUPPORT_388945a0::a002:8eb6aa905592076e73c19075fef03c14:::
10 password hashes cracked, 0 left
  I can't understand this output.  Why does it tell me it cracked the password hashes, but doesn't show me the passwords?  From the doc, I thought they should be between the first two colons, but there's nothing there.
  Hope someone can help.
  Thanks
   

Send instant messages to your online friends http://au.messenger.yahoo.com 

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ