Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Sat, 5 Sep 2009 03:54:02 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Using Cain and Abel Hashes

On Thu, Sep 03, 2009 at 07:50:31AM -0400, Rich Rumble wrote:
> Cain & Able (oxid.it)is like l0pht on steroids :)

BTW, I was surprised to find out that L0phtCrack is back:

http://l0phtcrack.com

> Depending on how you use Cain you can capture lots of hash types and
> decode/crack them. The packet captures are not going to be useful for JTR to
> crack (unless I've missed something recently). Most exchanges you catch on
> the wire will be the challenge-response type.

JtR with the jumbo patch supports some of these, thanks to JoMo-Kun:

$ fgrep C/R *.c
NETHALFLM_fmt.c:#define FORMAT_NAME          "HalfLM C/R DES"
NETLM_fmt.c:#define FORMAT_NAME          "LM C/R DES"
NETLMv2_fmt.c:#define FORMAT_NAME          "LMv2 C/R MD4 HMAC-MD5"
NETNTLM_fmt.c:#define FORMAT_NAME          "NTLMv1 C/R MD4 DES"

> I'm not totally up to speed on
> kerberos, but I've used kerbsniff and kerbcrack very effectively (
> ntsecurity.nu) for those hashes.

A more direct link:

http://ntsecurity.nu/toolbox/kerbcrack/

(No, I haven't tried this out.)

Alexander

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ