Date: Fri, 9 Jul 2010 07:25:08 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: LM and NTLM C/R cracking

Hi,

Here's an example of how LM and NTLM challenge/response pairs may be
processed with John the Ripper with the jumbo patch applied, using
sample C/R pairs from this recent blog post:

http://carnal0wnage.attackresearch.com/node/427
http://carnal0wnage.blogspot.com/2010/07/revisiting-halflm-stuff.html

I formatted the input file as follows:

ADMIN:::59DE5D885E583167C3A9A92AC42C0AE52F85252CC731BB25:5ADA49D539BD174E7049805DC1004925E25130C33DBE892A:1122334455667788
ADMIN:::40305B22075D6000D0508D9AD1F7BEB02F85252CC731BB25:337C939E66480243D1833309B8AFE49A81FE4C5E646BF00A:1122334455667788
ADMIN:::DAF3570C10ED2817C3D8A05D69F9EF292F85252CC731BB25:D3FB390BAC5D152F7A394466FBEF686E275D05B99C0A115E:1122334455667788
ADMIN:::76365E2D142B5612980C67D057EB9EFEEE5EF6EB6FF6E04D:727B4E35F947129EA52B9CDEDAE86934BB23EF89F50FC595:1122334455667788
ADMIN:::D737AA8F95CE38359CAB5D8A2519C4B92F85252CC731BB25:0624A3F7D457C54B163C641DBF4B7963548EF1C5D0397CBF:1122334455667788
ADMIN:::0E89A68D07E315C6035E82B757B955882F85252CC731BB25:58F2D720179B4A38A0523E02AEF0D41DACCCD6577EAA943C:1122334455667788
ADMIN:::AA9436C1D40CB53F3E7A20091C4B931C2F85252CC731BB25:8AC45ACDBD60F2FAD3081ECF005536EFA6009C21CA5FAF36:1122334455667788
ADMIN:::DCE867F0CB638DB2DBCC3576A52DC4612F85252CC731BB25:8990B33DAC65C5EF75073829894B911A983C1E260FBD1097:1122334455667788
ADMIN:::6F9D851D74C8A095C9DF672A1554BEBC2F85252CC731BB25:89953DE6F957B7DB5FE664D23AF3DE41DD38F5EC0A4A6EB0:1122334455667788
ADMIN:::CC96CC93B4DC9B7582273227FD61A5952F85252CC731BB25:76D3C3DEB0BB8EF1A1E41AB6A3F6C686A321CE016C624567:1122334455667788
ADMIN:::CC96CC93B4DC9B754DB66776827758D30B7892EEF2E3F2BC:DF58AE0F786BECC11BE11034DC53B21BDF1D73579AF868D1:1122334455667788
ADMIN:::DE5D1D85DAF6593D0A09FF32049013AB2F85252CC731BB25:526471D8C4A0ECC8AF05851804EA8FDD26848FA3CCC63152:1122334455667788
ADMIN:::B8489EDEE1058B43F3CE0F0ABE5A16872F85252CC731BB25:57B9C47A75335692F60E787E41CD16A292A21BC667B3FD02:1122334455667788
ADMIN:::2B6B134AF8D48F2A972BFF5660420D582F85252CC731BB25:5018402148E15A8D77CB22DD46F1449A2791416B73EE9C3D:1122334455667788
ADMIN:::BB49AEFD51ED0DCCD5BE291BD33BE3052F85252CC731BB25:C9B255750BD88AC72E03ADAFDA261E62618C943F7D59DAF5:1122334455667788

First, attack the "NETLM" "hashes" (case insensitive):

host!solar:~/john/john-1.7.6-jumbo-4/run$ ./john --format=netlm pw-netntlm
Loaded 15 password hashes with no different salts (LM C/R DES [netlm])
ADMIN            (ADMIN)
PASSWORD         (ADMIN)
1234             (ADMIN)
123              (ADMIN)
ASDFGH           (ADMIN)
1                (ADMIN)
000000           (ADMIN)
00000000         (ADMIN)
guesses: 8  time: 0:00:00:01 (3)  c/s: 1306K  trying: BETEMOR
12               (ADMIN)
ROOT             (ADMIN)
guesses: 10  time: 0:00:00:04 (3)  c/s: 1994K  trying: MELACCT
00               (ADMIN)
0000             (ADMIN)
guesses: 12  time: 0:00:00:07 (3)  c/s: 1920K  trying: KH6869
000              (ADMIN)
0000000          (ADMIN)
guesses: 14  time: 0:00:00:19 (3)  c/s: 1281K  trying: CESKET1

Now let's try "NETNTLM" (case sensitive):

host!solar:~/john/john-1.7.6-jumbo-4/run$ ./john --format=netntlm pw-netntlm
Loaded 15 password hashes with no different salts (NTLMv1 C/R MD4 DES [netntlm])
ADMIN            (ADMIN)
password         (ADMIN)
1234             (ADMIN)
123              (ADMIN)
asdfgh           (ADMIN)
1                (ADMIN)
000000           (ADMIN)
00000000         (ADMIN)
guesses: 8  time: 0:00:00:01 (3)  c/s: 1306K  trying: sadie
12               (ADMIN)
root             (ADMIN)
guesses: 10  time: 0:00:00:03 (3)  c/s: 2371K  trying: phdigh
0000             (ADMIN)
00               (ADMIN)
guesses: 12  time: 0:00:00:06 (3)  c/s: 2296K  trying: rh3gap
000              (ADMIN)
guesses: 13  time: 0:00:00:09 (3)  c/s: 2033K  trying: gte2g
0000000          (ADMIN)
guesses: 14  time: 0:00:00:19 (3)  c/s: 1626K  trying: mbblum

As you can see, either gets to 8 guesses in 1 second, and to 14 (out of
15 total) in under 19 seconds (the status line was displayed when I
pressed a key; the actual guess occurred a bit earlier).  It is also
possible to go from known case insensitive passwords (cracked from NETLM
hashes) to "crack the case" (from the NETNTLM hashes) nearly instantly,
but this was not required in this case (we got to the same 14 hashes
cracked quickly with a direct attack on NETNTLM as well).  All of this
was with JtR's default settings.

Rainbow tables may be hot, but other approaches are viable as well,
especially when the number of hashes or C/R's to audit is large (with
rainbow tables, the attack time is per-hash, but with JtR the attack is
against all hashes at once).

I hope someone will find this helpful.

Alexander
