Date: Sun, 04 Mar 2007 15:00:58 +0100 From: Antares <antares@....ch> To: john-users@...ts.openwall.com Subject: LM an NTLM combination Hello I am quite new to John and already read FAQ and Documentation. My situation is this: I used pwdump6 on our W2k3 Domain using my proper Domain Admin credentials. I got a file with both, the LM and the NTLM (MD4) hashes. Using john-mmx on a XP client lead to incredible fast decryption of the case insensitive version of the password. ( I was not aware that W2k3 server still stores the poor LM hashes, but thanks to John, I am aware of the risk and found a way to change this behavior for future passwords.) I also patched an 1.7.2+ version with "Windows NT/2000/XP/2003 NTLM (MD4) hash support for 1.7.2+, by Alain Espinosa", and compiled it on my linux box. My Question is, how can I make the best use of the already known LM passwords. Do I need to make a wordlist out of the pot file on the windows box and specify special rules in order to try only "case combinations"? Or would john take into account (or disregard completely) available LM passwords in a pot file, if invoked with --format=NT ? Or is maybe my expectation wrong, that it is less time consuming to first crack the LM hashes and then use this input to crack the NTLM hashes, instead of starting directly on the NTLM hashes? Thank you and kind regards antares -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.