Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 26 Nov 2008 11:20:48 -0500
From: Adam Turk <bofh1234@...mail.com>
To: <john-users@...ts.openwall.com>
Subject: RE: Partly known password


> I forgot some parts of my password to a service-account. Since it is windows
> something broke and
> I can't update my software! Now I'm bruteforcing the password, but it's so
> slow..
> 
> I think the password is 9 or 10 letter/digets, and I remember a phrase I put
> in the middel of
> the password. (let's say "1batMan" just as an example).
> 
> The format is something like this
> 
> XX1batMan or XX1batManX (where X's is unknown.)
> 
> I had a look at the mailing list
>  http://www.openwall.com/lists/john-users/2008/05/20/2
> but couldn't figure it out.
> 
> How do I run all the combinations for X together with the part of the
> password I know?
> 
> Oddmund

I recommend cracking the LM hash with john and then with those results switch to using mdcrack 182 to crack the NTLM hash.  mdcrack 183 has a bug in it.  Download at http://membres.lycos.fr/mdcrack/download/MDCrack-182.zip  mdcrack 182 works great under wine.  I do recommend updating wine to the latest version.  With mdcrack you can specify the charset to use to crack so if the LM hash returns CD1BATMAN3 use the following:
wine MDCrack-sse.exe --charset=abcdtmn13ABCDTMN --algorithm=NTLM1 --minsize=10
--maxsize=10 NTLM hash

Don't get me wrong, john the ripper is great, but specifing a specific charset like is difficult.

If you are absolutly certain about 1batMan being exactly like this XX1batManX you can use crunch to generate a wordlist with:
aa1batMana
aa1batManb
and pass that wordlist to john.
Something like:
crunch 10 10 abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789
-t @@...tMan@ >wordlist.txt
The above is untested but should work.



_________________________________________________________________
Windows Live Hotmail now works up to 70% faster.
http://windowslive.com/Explore/Hotmail?ocid=TXT_TAGLM_WL_hotmail_acq_faster_112008

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ