Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 16 Sep 2010 12:39:55 +0100
From: Tony Molloy <tony.molloy@...ie>
To: john-users@...ts.openwall.com
Subject: Cracking Samba passwords


Hi,

I've got john-1.7.6 installed with the jumbo patch. I use it to check our 
students passwords each week.

It works very well on cracking the students Linux passwords.

However I'm also trying to crack their samba passwords.

I'm using the following test password file:

Administrator:500:E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B75
86C:::
AndAnotherAdmin:700:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:8846F7EAEE8FB117AD06BDD830B
7586C:::
a0810440:10435:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:5705E3F43B799D35CF582FF93EDC94D6:
[U          ]:LCT-4C91BA1A:


The first line is from an old samba installation and has both Lanman and NTLM 
encoded passwords. The second and third lines are from the current samba 
installation and it only has NTLM encoded passwords. Probably NTLMv2 actually.

John cracks the Lanman password for the first line but not the NTLM passwords

Administrator:PASSWORD:500:8846F7EAEE8FB117AD06BDD830B7586C:::
              ^^^^^^^^

Can I get it to crack the NTLM passwords.

Thanks,

Tony.


Tony Molloy

CTO. Dept. of Comp. Sci.
University of Limerick
Ireland

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.