Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 20 Jan 2010 09:43:24 -0600
From: Greg White <>
To: <>
Subject: RE: john 1.4.2 with jumbo patch 1 - lm hash problem

> Date: Wed, 20 Jan 2010 14:41:53 +0300
> From:
> To:
> Subject: Re: [john-users] john 1.4.2 with jumbo patch 1 - lm hash problem
> On Tue, Jan 19, 2010 at 07:59:55PM -0600, Greg wrote:
>> Administrator:500:CEEB0FA9F240C200417EAF40CFAC29C3:D280553F0103F2E643406517296E7582:::
> [...]
>> The administrator LM password should be TESTTEST.
> Well, you made a typo in the LM hash. With it corrected to
> CEEB0FA9F240C200417EAF50CFAC29C3 (the correct hash for "TESTTEST"), it
> gets cracked just fine.

That is odd.  It is the same hash file I have used for years and john always cracked it.  I will double check my files when I get home.

>> Also I used to use john -f:nt hash.txt to tell john to use the NTLM algorithm. In 1.4.2 I have to use john --format:nt hash.txt. Is this change on purpose?
> (You probably meant, not 1.4.2.)

You are correct.

> This is caused by the addition of new options starting with the letter
> "f" in recent jumbo patches (1.7.4-jumbo-2 and above). In general, as
> more options are being added, some abbreviations for old options will
> stop working (and you'll have to be typing more of the characters -
> e.g., at least "-fo" as an abbreviation for "--format"). If we happen
> to drop or rename some of those new options, then some old abbreviations
> might start working again.

Not a problem.  I was using john for the last year or so.  I just made the jump from BT3 to BT4.  I will updated my documentation to use --format as that should hopefully never change.

> Thank you for testing the new version so promptly and for reporting the
> problem in here (I found your posting useful even though the problem
> turned out to be a user error).

You are welcome.

> Alexander
> P.S. You could want to avoid running JtR as root. It does not require
> root privileges.

I am using BT4 Final and most of the other utilities I run require root privileges.  On my productions Linux systems I always login as a user and sudo or su when needed.

Your E-mail and More On-the-Go. Get Windows Live Hotmail Free.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.