Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Tue, 23 Aug 2011 08:09:32 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: password with the sign "#"

On Mon, Aug 22, 2011 at 4:51 PM, Roland <roland0509@...il.com> wrote:
> Thank you for the Information.
>
> But I don't understand the difference between LM hashes and NT hashes. Where could I read more about that?
LM hashes are split into two 0-7 lengths, 14char's maximum... and is
Case insensitive (all uppercase)

1234567=0182BD0BD4444BF8AAD3B435B51404EE (LM)
And 1234567hhhhhHH =0182BD0BD4444BF880F0CCFF038BF74 (LM)
(cracked it would be 1234567 & HHHHHHH)
Here are the two halves... 0182BD0BD4444BF8      880F0CCFF038BF74

NTLM on the other hand is case sensitive, so the same password
would crack to the case sensitive version (1234567hhhhhHH)
66502AB0AEE4EDC749D62E91EF650C7B (NTLM)
So if you see "NO PASSWORD" in a pwdump file it's because
these hashes were present:
31D6CFE0D16AE931B73C59D7E0C089C0 (NTLM)
AAD3B435B51404EEAAD3B435B51404EE (LM)
Check the wikipedia for more:
http://en.wikipedia.org/wiki/LM_hash
http://en.wikipedia.org/wiki/NTLM
-rich

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ