Date: Sun, 14 Feb 2010 07:39:30 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: NTLMv2 Challenge/Response Cracking

On Fri, Feb 12, 2010 at 10:17:02AM -0600, jmk wrote:
> I've posted a patch against John 18.104.22.168 (w/ Jumbo 2 applied) for NTLMv2
> challenge/response cracking:
>
> http://www.foofus.net/jmk/smbchallenge.html
> http://www.foofus.net/jmk/tools/jtr/john-22.214.171.124-jumbo-2-netntlmv2.diff
[...]
> The Jumbo-2 patch currently contains support for LMv1, NTLMv1, and LMv2
> challenge/response. I originally assumed that a LMv2 response would
> always be sent along with a NTLMv2 exchange, so I never bothered with
> NTLMv2. However, I've now found that Windows 7 likes to zero out the
> LMv2 fields, so NTLMv2 is necessary.

Thank you for contributing this.

Going forward, I suggest that you (and others) base your patches on the latest version of JtR (with the jumbo patch), which would be 126.96.36.199-jumbo-2 this time. Also, I suggest that you start making more use of the wiki to publish patches:

http://openwall.info/wiki/john/patches

Anyway, I've integrated your patch into john-188.8.131.52-jumbo-3 and john-184.108.40.206-jumbo-3, which I've just released. I've also added your netntlm.pl to the run directory. And I've edited your loader.c hacks replacing the unreasonable uses of sprintf() - I did not test these changes at all (other than that they compile), so I'd appreciate it if you review and/or test them. Finally, I noticed that you use fmt_default_binary_hash() and fmt_default_get_hash() in your "formats", which will result in poor performance when many hashes are loaded at once - you could want to correct that in a new revision of your code.

While at it, I've integrated Alexandre Hamelin's oracle11_fmt.c (support for Oracle 11g SHA-1 based hashes). Somehow this was missed previously.

The updated jumbo patches are linked from the usual place:

http://www.openwall.com/john/#contrib

Thanks again,

Alexander