Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Sun, 14 Aug 2011 22:50:31 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: MSSQL Hash Format in JTR

On Sun, Aug 14, 2011 at 3:47 PM, firstname lastname
<psykosonik_frequenz@...oo.com> wrote:
> john -w:wordlist.txt --format=mssql hashes.txt
>
> Now the question is, when I check the candidate passwords that are being tried by JTR against these hashes, they are all in Uppercase. Why is that so?
>
> Are the MSSQL 2000 hashes supposed to be case insensitive?
>
Try -format=mssql05 for the case sensitive hashes.
http://hkashfi.blogspot.com/2007/08/breaking-sql-server-2005-hashes.html
It seems both the case sensitive and non-case sensitive are stored
typically and or by default. We got reminded of this durning our participation
in the KoreLogic contest held at Defcon (crack me if you can). The case
insensitive will fall faster than the case sensitive. I'm unsure if there is
a character limit imposed on the case insensitive one.
-rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.