Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 25 May 2007 10:14:38 -0500
From: jmk <>
To: john-users <>
Subject: Re: LM/NTLMv1 challenge/response cracking

On Fri, 2007-05-18 at 23:19 +0200, Frank Dittrich wrote:
> It's not just a cosmetical "problem".
> OTOH, the problem could be easily worked around,
> even without split() converting the hashes into upper case.
> See this thread for more details:

Thanks for the info. I've added a split() function to my code which
seems to fix the case of the hash characters.

> >I can move the upper-case conversion to set_key(), but that causes the
> >self test to fail. The self test appears to compare the original
> >password and the response from get_key, which would be the upper-cased
> >version of the password.
> I remember I had the same problem in the past,
> and would also be interested in how to solve this.

I believe my problem was having mixed-case passwords in the sample test
credentials. Things seem to be working better for me now.

I've posted an updated version of the patch here:

This version of the diff should be against a clean copy of


To unsubscribe, e-mail and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ