Date: Tue, 05 Feb 2008 14:31:39 -0600
From: jmk <jmk@...fus.net>
To: john-users@...ts.openwall.com
Subject: Re: LM response bytes 8-16 cracking - standalone program based on JtR

On Tue, 2008-02-05 at 18:36 +0530, Dhirendra Singh Kholia wrote:
> Hi All,
>
> The attached program (still a PoC) cracks bytes 8-16 of
> an LM response. (I discussed the idea behind it in the nethalflm patch post).
>
> In case of attachment issues please get it from:
> http://dhiru.kholia.googlepages.com/HALFLM2.c
>
> It needs a lot of work to be really usable but the basic idea is implemented.
>
> Also I couldn't figure out how to make it a patch to JtR, hence I had to make
> it standalone.
>
> Please do test and improve. Also can somebody please combine it with
> the nethalflm patch? (at least give some ideas) :-)

FWIW, I went a somewhat different direction on this issue. I've been
using "HalfLM" Rainbow Tables to crack the first seven case-insensitive
characters of the user's password. If the password is greater than seven
characters, I use a custom JtR external filter to brute the remaining
piece. The resultant value is then retested using the NetNTLM algorithm
to determine the correct character case.

I've hacked together a Perl script to tie these steps together. It's not
pretty and will probably require modifications for other environments,
but people are welcome to it:

http://www.foofus.net/jmk/tools/jtr/john-netntlm.pl

Joe