Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <OFF420A93C.E3B2A6E6-ON85257258.004B524D-85257258.004BA2CE@sungard.com>
Date: Wed, 3 Jan 2007 08:46:16 -0500
From: Chris.McGinley@...gard.com
To: john-users@...ts.openwall.com
Subject: Re: pwdump2 and JtR - problem with syntax in running JtR and
 displaying passwords

Hviti,

Based on the hashes you provided -

Admin:500:aad3b435b...:12ed...:::
Account:1010:aad3b435...:d76...:::

The first hash that I see, starting with aad3b... looks to be a NO 
PASSWORD situation meaning that the storage of LAN Manager hashes is 
probably disabled in the security template for the system. You need to 
specify the correct format to john like so:

john -format:NT passwords.txt

Keep in mind, this format is case sensitive and will take longer to crack 
than a LAN Manager hash.

-Chris




Hviti/Spaki <fkhviti@...oo.com> 
01/03/2007 02:06 AM
Please respond to
john-users@...ts.openwall.com


To
john-users@...ts.openwall.com
cc

Subject
[john-users] pwdump2 and JtR - problem with syntax in running JtR and 
displaying passwords






Hi,

I'm having problems using pwdump2 and JtR on an account with admin rights 
on a WinXP computer and would appreciate it if anyone could help.

I downloaded both programs and unzipped them to C, opened the command 
prompt then:

typed in "cd C:\pwdump2", hit return
typed in "pwdump2.exe", hit return

saw a list like -
Admin:500:aad3b435b...:12ed...:::
Account:1010:aad3b435...:d76...:::

at C:\pwdump2> I typed in "pwdump2 > passwords.txt"
copied that file from the pwdump2 folder to the folder C:\john1701\run

went back to the command prompt and typed in "cd C:\john1701\run"
at C:\john1701\run> typed in "john-386.exe passwords.txt"

saw a list like-
Loaded 8 password hashes with no different salts (NT LM DES [32/32 BS])
        <Admin>
        <Account>
guesses: 8  time: 0:00:00:00:00 100% (2) c/s 1127K trying 12345 - MUSTANG

Since this didn't display any passwords, I tried deleting
the files and starting over again, but after:

went back to the command prompt and typed in "cd C:\john1701\run"
at C:\john1701\run> typed in "john-386.exe -i:all passwords.txt"

and got-
Loaded 1 password hash (NT LM DES [32/32 BS])
Warning: MaxLen = 8 is too large for the current hash type, reduced to 7
Warning: mixed-case charset, but the current hash type is 
case-insensitive;
some candidate passwords may be unnecessarily tried more than once.
        <Admin>
guesses: 1  time: 0:00:00:00:00 c/s 3276 trying: 2100 - SPACY

I then tried repeating the process with:
"john-386.exe -i passwords.txt"

and got-
Loaded 1 passwords hash (NT LM DES [32/32 BS])
        <Admin>
guesses: 1  time: 0:00:00:00:00 c/s 7952 trying: SERO - SPARS

I've been fiddling around with it for a bit and tried reading the FAQ and 
some other stuff on the net and am still rather confused and would 
appreciate any clarafication possible.

Thanks for the time

 __________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.