Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 27 Jun 2007 21:05:27 GMT
From: "Brian Smith" <bborch70@...rent.net>
To: <john-users@...ts.openwall.com>
Cc: 
Subject: Best Windows Password Cracking Method

Hello all. 

I am working on cracking the LM hashes that I have dumped from several Windows servers as part of a penetration test and would like to see if I am using the best method.  I have already cracked on 14 character password from this file and am assuming that the password that I'm working on is also 14 characters.  Here is my progress so far:

1. Grabbed the local administrator hash from 3 separate servers using various exploits.  The hash is identical in each instance, so the passwords are the same.
2. I have the large password list from Openwall and have already run this against the hashes, along with letting it brute force for 5 days at roughly 3,100K c/s.
3. I obtained the first part of the hash which contains letters, numbers, and a '.'.
4. Using this information, I have settled on the following approach to finish my cracking
    a. Using the incrementail crack mode 'alnum', I added the extra characters "!@... with the Extras = command in the john.conf
    b. I have increased the total number of characters to 40 and specified a min and max length of 7 in the john.conf for the alnum set
    c. I have repeated 'b' on another machine and specfiied a min and max of 6.
5. I have calculated that for the 7 length, it should take roughly 14 hours for the total set.  Is this correct?
6. If this does not yield results, is there a good way to add extra characters to my already modified alnum set?  Will John remember what it already tried and only try new combinations?

Please let me know if you see any flaws in my approach or if anyone has any suggested improvements.

Thanks

Brian

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ