Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 13 Jul 2011 16:52:11 +0200
From: Sistemas <linux@...agroup.com>
To: john-users@...ts.openwall.com
Subject: Re: Crack a MS SQL Server 2000 password

El 12/07/2011 20:08, Rich Rumble escribió:
> On Tue, Jul 12, 2011 at 12:44 PM, Sistemas<linux@...agroup.com>  wrote:
>> Hello.
>>
>> I'm trying to crack a MS SQL Server 2000 password. I have access to the
>> salt, uppercase hash and case sensitive hash. I would like to throw john at
>> the it but I can't find any docs on how to do it. According to
>> http://www.openwall.com/passwords/microsoft-sql-server it is possible to do
>> this with the jumbo patch. I have no problem on compiling john with the
>> patch but I can't find anywhere how to create the password/hash list and
>> what command line arguments to use.
>>
>> Can anyone help me.
> I've not tried this hash specifically, but typically it's
> username:hash
> Sometime, I think, Hashes need to be all uppercase if not already. But
> I think this is only a few, and others, I think MSSQL05 may need to be
> prefixed? 0x01004086CEB6 Again I don't know for certain.
> -rich
I had already tried that. I've just tried it with the 0x prefix with the 
same result:
     No password hashes loaded

I'm using the full uppercase hash which is 40 hex characters long 
(160bits). Is this right? Should I add the salt?

Thanks.

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.