[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 16 Sep 2010 21:32:58 -0500
From: Erik Winkler <ewinkler@...ls.com>
To: john-users@...ts.openwall.com
Subject: Re: Cracking Samba passwords
Use the -format:NT flag.
Erik
On Sep 16, 2010, at 6:39 AM, Tony Molloy wrote:
>
> Hi,
>
> I've got john-1.7.6 installed with the jumbo patch. I use it to check our
> students passwords each week.
>
> It works very well on cracking the students Linux passwords.
>
> However I'm also trying to crack their samba passwords.
>
> I'm using the following test password file:
>
> Administrator:500:E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B75
> 86C:::
> AndAnotherAdmin:700:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:8846F7EAEE8FB117AD06BDD830B
> 7586C:::
> a0810440:10435:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:5705E3F43B799D35CF582FF93EDC94D6:
> [U ]:LCT-4C91BA1A:
>
>
> The first line is from an old samba installation and has both Lanman and NTLM
> encoded passwords. The second and third lines are from the current samba
> installation and it only has NTLM encoded passwords. Probably NTLMv2 actually.
>
> John cracks the Lanman password for the first line but not the NTLM passwords
>
> Administrator:PASSWORD:500:8846F7EAEE8FB117AD06BDD830B7586C:::
> ^^^^^^^^
>
> Can I get it to crack the NTLM passwords.
>
> Thanks,
>
> Tony.
>
>
> Tony Molloy
>
> CTO. Dept. of Comp. Sci.
> University of Limerick
> Ireland
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux -
Powered by OpenVZ
