Date: Fri, 25 May 2007 10:14:38 -0500 From: jmk <jmk@...fus.net> To: john-users <john-users@...ts.openwall.com> Subject: Re: LM/NTLMv1 challenge/response cracking On Fri, 2007-05-18 at 23:19 +0200, Frank Dittrich wrote: > It's not just a cosmetical "problem". > OTOH, the problem could be easily worked around, > even without split() converting the hashes into upper case. > See this thread for more details: > > http://thread.gmane.org/gmane.comp.security.openwall.john.user/50 Thanks for the info. I've added a split() function to my code which seems to fix the case of the hash characters. > >I can move the upper-case conversion to set_key(), but that causes the > >self test to fail. The self test appears to compare the original > >password and the response from get_key, which would be the upper-cased > >version of the password. > > I remember I had the same problem in the past, > and would also be interested in how to solve this. I believe my problem was having mixed-case passwords in the sample test credentials. Things seem to be working better for me now. I've posted an updated version of the patch here: http://www.foofus.net/~jmk/tools/jtr/john-184.108.40.206-netlm-netntlm-jmk-1.diff This version of the diff should be against a clean copy of 220.127.116.11. Joe -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ