Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 16 Sep 2010 21:32:58 -0500
From: Erik Winkler <ewinkler@...ls.com>
To: john-users@...ts.openwall.com
Subject: Re: Cracking Samba passwords

Use the -format:NT flag.

Erik
On Sep 16, 2010, at 6:39 AM, Tony Molloy wrote:

> 
> Hi,
> 
> I've got john-1.7.6 installed with the jumbo patch. I use it to check our 
> students passwords each week.
> 
> It works very well on cracking the students Linux passwords.
> 
> However I'm also trying to crack their samba passwords.
> 
> I'm using the following test password file:
> 
> Administrator:500:E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B75
> 86C:::
> AndAnotherAdmin:700:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:8846F7EAEE8FB117AD06BDD830B
> 7586C:::
> a0810440:10435:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:5705E3F43B799D35CF582FF93EDC94D6:
> [U          ]:LCT-4C91BA1A:
> 
> 
> The first line is from an old samba installation and has both Lanman and NTLM 
> encoded passwords. The second and third lines are from the current samba 
> installation and it only has NTLM encoded passwords. Probably NTLMv2 actually.
> 
> John cracks the Lanman password for the first line but not the NTLM passwords
> 
> Administrator:PASSWORD:500:8846F7EAEE8FB117AD06BDD830B7586C:::
>             ^^^^^^^^
> 
> Can I get it to crack the NTLM passwords.
> 
> Thanks,
> 
> Tony.
> 
> 
> Tony Molloy
> 
> CTO. Dept. of Comp. Sci.
> University of Limerick
> Ireland

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.