Date: Thu, 1 Feb 2007 13:27:23 +0300 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: NTLM hash cracking given already cracked LM hashes On Sun, Jan 28, 2007 at 06:31:05PM -0600, Paul Battenfield wrote: > OPPS! The problem was between the floor and the keyboard. More specifically > I have two john.conf files. > > /usr/share/john/john.conf > > /etc/john/john.conf You're probably using a package of JtR for your Linux distribution. Unfortunately, packagers tend to unnecessarily modify default settings, file paths, etc. My recommendation is to build JtR from the source tarball - or to use official packages such as JtR Pro or the "john" package on Owl. ;-) > I picked the wrong one when I made my changes. Edited the right one and > BINGO it cracked! The normal wordlist rules did the trick on all > alphanumeric passwords but not the special character '*'. The asterisk character is not any special, and it is not the reason why the normal wordlist rules failed to find your case permutation for that password - rather, it's that the case permutation was too unusual: > Real Password: > As*od3U8 > Now I'm trying to write a script to swap back and forth between the normal > and NT wordlist rule set in the john.conf file so I can LM hash, and then NT > hash the resulting set. If you know of a way to pick the config file at run > time, or pick another rules set for using wordlist then that would be a more > elegant solution. There's no elegant way to do that within a single install of JtR, sorry. You might try using two installs, in different directories. -- Alexander Peslyak <solar at openwall.com> GPG key ID: 5B341F15 fp: B3FB 63F4 D7A3 BCCC 6F6E FC55 A2FC 027C 5B34 1F15 http://www.openwall.com - bringing security into open computing environments Was I helpful? Please give your feedback here: http://rate.affero.net/solar -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ