Date: Thu, 12 Apr 2007 16:43:16 -0500
From: jmk <jmk@...fus.net>
To: john-users@...ts.openwall.com
Subject: Re: Initial seed password

On Sat, 2007-04-07 at 20:16 +0400, Solar Designer wrote:
> Yes, please do. Thanks!

I've posted my attempt at LM/NTLMv1 challenge/response cracking:

http://www.foofus.net/~jmk/tools/jtr/lm_chall_resp.diff

It seems to work to crack hashes in the old .lc format, which is what Cain & Abel appears to use:

username:::lm response:ntlm response:challenge

My implementation is probably pretty poor. This was my first attempt at hacking in a new format into John and I was thoroughly confused. Fortunately, while probably not as efficient as it could be, it seems to work for what I wanted. ;) Any comments on what I should have done differently are welcome.

One quick question... The LM response is based on an upper-case version of the user's password. I believe that John should only be testing case-insensitive passwords here and the netlm code upper-cases the test value when generating the response to compare, so the results are accurate. However, in some cases when it succeeds, John reports a mixed-case password. How do I force John to always display the upper-case version of that password?

> What will work best is a combination of John's "incremental" mode with
> an external filter() (which you will actually use to prefix candidate
> passwords with your known 7 characters). An example is available here:

This seems to be just what I'm looking for. Thanks!

A while back a coworker of mine modified John to log the time it took to crack a hash. This has been useful for us when cracking a hash that already existed in the .pot file and we would like to know how long it initially took to break. FWIW, I've posted his work here:

http://www.foofus.net/~jmk/tools/jtr/readme.html

Joe

--
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
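Added example, not part of the original message or of the posted patch: a small Python parser for the `username:::lm response:ntlm response:challenge` record layout quoted above, plus the upper-casing that the LM response implies for any candidate. The function names and the sample record are constructed; the field sizes (24-byte responses, 8-byte challenge) are those of LM/NTLMv1 and are not stated in the message.

```python
from typing import NamedTuple


class ChallResp(NamedTuple):
    username: str
    lm_response: bytes   # 24 bytes in LM/NTLMv1
    nt_response: bytes   # 24 bytes in LM/NTLMv1
    challenge: bytes     # 8-byte server challenge


def parse_lc_line(line: str) -> ChallResp:
    """Parse one 'username:::lm response:ntlm response:challenge' record."""
    fields = line.strip().split(":")
    # Three colons after the username mean two empty fields before the LM response.
    if len(fields) != 6 or fields[1] or fields[2]:
        raise ValueError("expected username:::lm:ntlm:challenge")
    user, _, _, lm_hex, nt_hex, chal_hex = fields
    try:
        lm, nt, chal = (bytes.fromhex(h) for h in (lm_hex, nt_hex, chal_hex))
    except ValueError:
        raise ValueError("response and challenge fields must be hex") from None
    if len(lm) != 24 or len(nt) != 24:
        raise ValueError("LM and NTLM responses must be 24 bytes each")
    if len(chal) != 8:
        raise ValueError("challenge must be 8 bytes")
    return ChallResp(user, lm, nt, chal)


def lm_candidate(password: str) -> str:
    """Form of a candidate the LM response depends on (ASCII assumed).

    Because the LM response is computed from the upper-cased password,
    'PassWord' and 'PASSWORD' verify identically; reporting this form
    avoids implying that the original case was recovered.
    """
    return password.upper()


# Constructed sample record (not a real capture).
SAMPLE = "alice:::" + "A1" * 24 + ":" + "B2" * 24 + ":1122334455667788"

if __name__ == "__main__":
    rec = parse_lc_line(SAMPLE)
    print(rec.username, rec.challenge.hex(), lm_candidate("PassWord"))
```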