Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 22 May 2006 06:47:10 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: cracking hashes obtained with Login Recovery's boot disk

This question was originally posted under a previous discussion's
Subject, so I've changed the Subject on this response.

This question is barely on topic, but I'll respond this one time.

On Sun, May 21, 2006 at 11:23:27AM +0530, rushi harkal wrote:
> i get hashs frm Loginrecovery.com

For those who don't know - this is an online Windows password recovery
service.  They offer free download of a boot disk image (floppy or CD)
that dumps the hashes.  Then they crack the hashes for you - there's a
free&slow and a non-free&fast option.

> & i wan my own decrypter that i can get
> pass instantly please give me direction

John the Ripper does not crack Windows password hashes instantly -
although it will get most passwords really quick in practice.  What you
might be looking for is a rainbow tables based cracker such as Ophcrack
or RainbowCrack:

	http://ophcrack.sourceforge.net
	http://www.antsight.com/zsl/rainbowcrack/

Apparently, Login Recovery's boot disks output hashes in a format
slightly different from pwdump output format that most password crackers
including John the Ripper accept - so trivial format conversion will be
needed first (manual or with a script).

What is your reason to misuse Login Recovery's boot disks like that,
though?  Perhaps it'd be easier to either use pwdump2 and JtR or use a
password changing boot disk such as this one:

	http://home.eunet.no/~pnordahl/ntpasswd/

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ