Date: Sun, 14 Aug 2011 22:50:31 -0400 From: Rich Rumble <richrumble@...il.com> To: john-users@...ts.openwall.com Subject: Re: MSSQL Hash Format in JTR On Sun, Aug 14, 2011 at 3:47 PM, firstname lastname <psykosonik_frequenz@...oo.com> wrote: > john -w:wordlist.txt --format=mssql hashes.txt > > Now the question is, when I check the candidate passwords that are being tried by JTR against these hashes, they are all in Uppercase. Why is that so? > > Are the MSSQL 2000 hashes supposed to be case insensitive? > Try -format=mssql05 for the case sensitive hashes. http://hkashfi.blogspot.com/2007/08/breaking-sql-server-2005-hashes.html It seems both the case sensitive and non-case sensitive are stored typically and or by default. We got reminded of this durning our participation in the KoreLogic contest held at Defcon (crack me if you can). The case insensitive will fall faster than the case sensitive. I'm unsure if there is a character limit imposed on the case insensitive one. -rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.