Date: Sat, 11 Mar 2006 08:07:29 +0300 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: does john crack xp passwords correctly? On Sat, Mar 11, 2006 at 04:46:04AM +0000, hadzijj qwerty wrote: > In the meantime I found another thing that I'd like to ask about. You wrote > about letter "M" that john didn't check if it's lower or upper-case. So > when it will finish looking for the first 7 chars of my password will their > case be unknown as well? Yes. The case of characters is unimportant for determining whether a given Windows password is weak or not. However, if you're cracking those passwords for another purpose, you may apply the unofficial NTLM hashes support patch to John, then have it guess the proper case of characters in passwords it would have cracked based on LM hashes. JtR 1.7 includes the following hack in the default john.conf: # Case toggler for cracking MD4-based NTLM hashes (with the contributed # patch), given already cracked DES-based LM hashes. # Rename this section to [List.Rules:Wordlist] to activate it. [List.Rules:NT] l lMT[*0]T[*1]T[*2]T[*3]T[*4]T[*5]T[*6]T[*7]T[*8]T[*9]T[*A]T[*B]T[*C]T[*D]Q So you need to rename the section as the comment says, then run: john -show pwfile | cut -d: -f2- > cracked john -w=cracked -rules -format=nt pwfile The "-format=nt" requires an NTLM-patched build of John. > >> I have a version 1.6.39 under debian unstable. > > > >The output above does not match that of version 1.6.39, so that's not > >what you're using. > > $ dpkg -l | grep john > ii john 1.6-39 active > password cracking tool > > It looks that my debian would like to argue with you :) No, everything is in agreement now. You've been using version 1.6-39 of the Debian package (which is Debian's 39th revision of the package of John 1.6), not John version 1.6.39. Those two are entirely different versions. -- Alexander Peslyak <solar at openwall.com> GPG key ID: B35D3598 fp: 6429 0D7E F130 C13E C929 6447 73C3 A290 B35D 3598 http://www.openwall.com - bringing security into open computing environments Was I helpful? Please give your feedback here: http://rate.affero.net/solar
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.