Date: Sat, 11 Sep 2010 12:38:59 +0200 From: "Magnum, P.I." <rawsmooth@...dband.net> To: john-users@...ts.openwall.com Subject: Re: Attacking Windows-ALT chars in LM Hashes On 09/10/2010 09:08 PM, Brad Tilley wrote: > Magnum, P.I. wrote: >> JtR however, cheats when doing this conversion: it just puts a 0x00 >> between each char. > > You mean for NT hashes I guess? Yeah, sorry for the confusion > I think the correct wording would be "inserts a null after each char" > rather than "between each char". I'm not sure that is cheating. It works > and is portable across operating systems. Windows has non-portable ways > to do it, but if you want to crack NT hashes on Linux or BSD, etc then > this approach works. That's how I do it too: It's very fast and works fine, but *only* if the candidates are encoded in cp1252 (which is almost the same as ISO-8859-1). If the candidates come in any other character set, this method will fail. JtR can not crack even the simplest Greek or Russian NT password hash *no matter* how you encode the wordlist. Not even using 8-bit DumbForce. magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.