Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 20 Jan 2010 19:41:47 +0300
From: Solar Designer <>
Subject: Re: john 1.4.2 with jumbo patch 1 - lm hash problem

On Wed, Jan 20, 2010 at 09:43:24AM -0600, Greg White wrote:
> >> Administrator:500:CEEB0FA9F240C200417EAF40CFAC29C3:D280553F0103F2E643406517296E7582:::
> > Well, you made a typo in the LM hash. With it corrected to
> > CEEB0FA9F240C200417EAF50CFAC29C3 (the correct hash for "TESTTEST"), it
> > gets cracked just fine.
> That is odd.  It is the same hash file I have used for years and john always cracked it.  I will double check my files when I get home.
> I was using john for the last year or so.

Well, I've just tried cracking your file, the way you posted it (with
the typo) using a linux-x86-mmx build of on a P3.  I can't
confirm the problem: this older version similarly does not crack the
last "T" unless the typo is corrected.

> I am using BT4 Final and most of the other utilities I run require root privileges.


> On my productions Linux systems I always login as a user and sudo or su when needed.

This is commonly regarded as a security best practice, but it is not
necessarily such a great idea.  Not abusing root does not imply that you
have to login as a user and then su or sudo, which has its own added
security risks.  You could want to see:
(scroll down to "Direct root login considerations")

Summary: when accessing remote systems, use separate direct logins as
non-root and as root-privileged accounts (as necessary), don't use
su/sudo to elevate privileges.

This is getting off-topic, though, so no follow-ups to this part of the
message on this list, please. ;-)


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.