Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 20 Dec 2009 15:23:44 -0500
From: "madfran" <madfran@...-ezine.org>
To: john-users@...ts.openwall.com
Subject: Re: JTR and format NTLM

>>>From two different ways I always arrive at the same result.
>>
>>What two different ways, specifically?
>>
>> Administrator:500:AAD3B435B51404EEAAD3B435B51404EE:
>> A82FF8E15A18E4E73399D231E9B32157F:::
>>

>This has LM hash of an empty string (which usually indicates that LM
>hashes are disabled).  Then, instead of the NTLM hash, which would
>normally be represented with 32 hex digits, you have some other string
>of 33 hex digits.  My guess is that it has to do with your "two
>different ways" - e.g., maybe you used some program that obfuscates
>password hashes that it dumps, maybe for use with some specific tool or
>online service.

ok. lc3 say that LM password is empty, but in fact doesn't work.


>I suggest that you try pwdump6:
>
>http://xxx.foofus.net/~fizzgig/pwdump/
>http://www.openwall.com/passwords/microsoft-windows-nt-2000-xp-2003-
vista#pwdump

Difficult to do.
Symantec antivirus detects the original pwdump as a virus.
I don't want to disable it because I have had some problems in the past.

>Please don't forget to let the list know how you obtained this broken
>NTLM hash, and what approach you ended up using instead.

First approach.
Old lc3 (l0htcrack version 3)
As I explained yet, I have administrator's rights and I can use it.

Second approach.
-Start the laptop from an USB device with a linux SO
-Download from my hard disc the following files,
 - system
 - SAM
-Start the laptop in the standard way (Windows XP)
-Extract the bootkey from "system" with the tool Bkhive
-Use samdump to extract the hash

Today approach
-Download pwdump6-2.0.0
-The PwDumpDebug is not detected by Symantec!
-Extract the hash
 Administrator:500:NO 
PASSWORD*********************:A82FF8E15A18E4E7399D231E9B32157F:::

madfran


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.