Date: Sat, 5 Sep 2009 03:54:02 +0400 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: Using Cain and Abel Hashes On Thu, Sep 03, 2009 at 07:50:31AM -0400, Rich Rumble wrote: > Cain & Able (oxid.it)is like l0pht on steroids :) BTW, I was surprised to find out that L0phtCrack is back: http://l0phtcrack.com > Depending on how you use Cain you can capture lots of hash types and > decode/crack them. The packet captures are not going to be useful for JTR to > crack (unless I've missed something recently). Most exchanges you catch on > the wire will be the challenge-response type. JtR with the jumbo patch supports some of these, thanks to JoMo-Kun: $ fgrep C/R *.c NETHALFLM_fmt.c:#define FORMAT_NAME "HalfLM C/R DES" NETLM_fmt.c:#define FORMAT_NAME "LM C/R DES" NETLMv2_fmt.c:#define FORMAT_NAME "LMv2 C/R MD4 HMAC-MD5" NETNTLM_fmt.c:#define FORMAT_NAME "NTLMv1 C/R MD4 DES" > I'm not totally up to speed on > kerberos, but I've used kerbsniff and kerbcrack very effectively ( > ntsecurity.nu) for those hashes. A more direct link: http://ntsecurity.nu/toolbox/kerbcrack/ (No, I haven't tried this out.) Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.