Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Thu, 20 Mar 2008 16:59:59 -0500
From: jmk <jmk@...fus.net>
To: john-users@...ts.openwall.com
Subject: LMv2 LAN Manager Authentication

Hi,

I recently made an attempt to add support to John for cracking
challenge/response sets generated during LMv2 LAN Manager
authentication. LMv2 challenge/response authentication typically takes
place when the GPO "Network Security: LAN Manager authentication level"
is configured to a setting that enforces the use of NTLMv2, such as
"Send NTLMv2 response only\refuse LM & NTLM." IIRC, Microsoft Vista now
sends NTLMv2/LMv2 by default.

I've uploaded a diff against John 1.7.2 with the Jumbo patch applied:
http://www.foofus.net/jmk/tools/jtr/john-1.7.2-all-9-netlmv2-jmk-1.diff

Hopefully this is useful to others. If anyone sees some areas in which
it could be improved, please let me know.

Joe

-- 
jmk <jmk@...fus.net>
Foofus Networks


-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ