Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 11 Mar 2006 05:16:53 +0000
From: "hadzijj qwerty" <>
Subject: Re: does john crack xp passwords correctly?

>On Sat, Mar 11, 2006 at 04:46:04AM +0000, hadzijj qwerty wrote:
> > In the meantime I found another thing that I'd like to ask about. You 
> > about letter "M" that john didn't check if it's lower or upper-case. So
> > when it will finish looking for the first 7 chars of my password will 
> > case be unknown as well?
>Yes.  The case of characters is unimportant for determining whether a
>given Windows password is weak or not.
>However, if you're cracking those passwords for another purpose, you may
>apply the unofficial NTLM hashes support patch to John, then have it
>guess the proper case of characters in passwords it would have cracked
>based on LM hashes.
>JtR 1.7 includes the following hack in the default john.conf:



> > $ dpkg -l | grep john
> > ii  john                       1.6-39                         active
> > password cracking tool
> >
> > It looks that my debian would like to argue with you :)
>No, everything is in agreement now.  You've been using version 1.6-39 of
>the Debian package (which is Debian's 39th revision of the package of
>John 1.6), not John version 1.6.39.  Those two are entirely different

I haven't known that :)

Thanks a lot,

Don't just search. Find. Check out the new MSN Search!

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.