Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 9 Mar 2007 20:41:16 +0100
From: "Alain Espinosa" <alainesp@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: LM an NTLM combination

Antares send me privately the password file with the hashs (passwd) and the
wordlist (wordlist) but i cant reproduce the problem. Here are what i do:

----------------------------------------------------------
------------------------------------------------------------------------
"john-1.7.2-ntlm-alainesp-5.diff"                        |  "
john-1.7.2-all-2.diff.gz"
-------------------------------------------------------------------
---------------------------------------------------------------
------------------------------------------------------------
----------------------------------------------------------------------
make clean linux-x86-any                                      |  make clean
linux-x86-any
------------------------------------------------
-------------------------------
--------------------------------------------------
.........goto to run directory where are the passwd and wordlist antares
send me................
------------------------------------------------------
-------------------------------------------------------------------------
./john -w:wordlist -format=nt -rules passwd   |  /john -w:wordlist
-format=nt -rules passwd
-------------------------------------------------------
---------------------------------------------------------------------------
Loaded 2121 ...... (NT MD4 [Generic 1x])          | Loaded 2121 ...(NT MD4
[TridgeMD4])

|
............................                                               |
............................
<password####> (Username####)            | <password####> (Username####)
...............................                                           |
...............................

|
guesses: 509  time: 0:00:00:00 100%              | guesses: 509  time:
0:00:00:00 100%  c/s: 109278K
c/s: 113383K trying: Lacosting - Manging         | trying: Manging
------------------------------------------------------
--------------------------------------------------------------------------
./john -w:wordlist -format=nt -rules passwd   | ./john -w:wordlist
-format=nt -rules passwd
-------------------------------------------------------
------------------------------------------------------------------------
Loaded 1612 ...(NT MD4 [Generic 1x])               | Loaded 1612 ... (NT MD4
[TridgeMD4])

|
guesses: 0  time: 0:00:00:00 100%                   | guesses: 0  time:
0:00:00:00 100%  c/s: 109278K
c/s: 113383K trying: Lacosting - Manging         | trying: Manging
------------------------------------------------------
---------------------------------------------------------------------------
......................................as you can see, no
difference....................................................
------------------------------------------------------------------------
-----------------------------------------------------------
rm john.pot                                                               |
rm john.pot
-----------------------------------------------------
-------------------------------
-----------------------------------------------
...............change john.conf to make use of [List.Rules:NT] as [
List.Rules:Wordlist].................
---------------------------------------------------------
--------------------------------------------------------------------------
./john -w:wordlist -format=nt -rules passwd    |  ./john -w:wordlist
-format=nt -rules passwd
-------------------------------------------------------
----------------------------------------------
Loaded 2121 ... (NT MD4 [Generic 1x])               |  Loaded 2121 ... (NT
MD4 [TridgeMD4])

|
............................
|  ............................
<password####> (Username####)             |  <password####> (Username####)
...............................
|  ...............................

|
guesses: 644  time: 0:00:00:25 100%               |  guesses: 644  time:
0:00:00:41 100%  c/s: 967622K
c/s: 1586M trying: OUT_75EM -                            |  trying: 2223
PASSWORD hashes cracked, 1174 left
2223 PASSWORD hashes cracke                         |
---------------------------------------------------------
----------------------------------------------------------------------------
./john -w:wordlist -format=nt -rules passwd    |  ./john -w:wordlist
-format=nt -rules passwd
-------------------------------------------------------
-------------------------------
------------------------------------------------
Loaded 1477 .... (NT MD4 [Generic 1x])              |  Loaded 1477 ... (NT
MD4 [TridgeMD4])

|
guesses: 0  time: 0:00:00:25 100%                    |  guesses: 0  time:
0:00:01:23 100%  c/s: 463916K
c/s: 1540M trying: OUT_75EM -                             |  trying: 2223
PASSWORD hashes cracked, 1174 left
2223 PASSWORD hashes cracke                          |
---------------------------------------------------------
-------------------------------
-----------------------------------------------
..............................................as you can see, no
difference.............................................
-----------------------------------------------
-------------------------------
--------------------------------------------------------

The cracke without d are because "john-1.7.2-ntlm-alainesp-5.diff" cut the
candidate password at lenght 27. This is normal.
Please send me what are you doing step by step for reproduce the problem.

Testing this i find a bug not relate with this problem in the SSE2 code in "
john-1.7.2-ntlm-alainesp-5.diff" that lost some passwords. I fix it and i
send the fix to the list soon.

alain

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ