Date: Mon, 22 Aug 2011 22:51:14 +0200 From: Roland <roland0509@...il.com> To: john-users@...ts.openwall.com Subject: Re: password with the sign "#" Thank you for the Information. But I don't understand the difference between LM hashes and NT hashes. Where could I read more about that? I dumped the SAM and the SYSTEM file from my Win7 System with "pwdump7" -- LG Roland On Aug 22, 2011, at 7:58 PM, Solar Designer wrote: > On Mon, Aug 22, 2011 at 07:46:24PM +0200, Roland wrote: >> I have my Password in the Wordlist, but it don't work right. How long does it take to crack the whole wordlist? > > If you have the password in the wordlist, then it should get cracked > almost instantly. (We're talking fast hashes here - either LM or NT.) > >> If I type ./john dump-file john checks the wordlist? > > Not exactly. This invokes three cracking modes in order, one of which > uses password.lst as its wordlist. To simply run your wordlist, use: > > ./john --wordlist=WORDLIST-FILE PWDUMP-FILE > > of course, replacing WORDLIST-FILE and PWDUMP-FILE with proper filenames. > > To run your wordlist with rules (which may be needed to crack the second > half of the LM hash), use: > > ./john --wordlist=WORDLIST-FILE --rules PWDUMP-FILE > > To crack the NT hash instead (case-sensitive), use: > > ./john --format=nt --wordlist=WORDLIST-FILE PWDUMP-FILE > > (with a -jumbo version of JtR). > > It is also possible to crack the NT hash after having cracked the LM hash: > > ./john --show PWDUMP-FILE | cut -f2 -d: | ./john --format=nt --pipe --rules=nt PWDUMP-FILE > > This requires very recent -jumbo for the "--pipe" option, or you may > use an older version with an intermediate file. > > Alexander Download attachment "signature.asc" of type "application/pgp-signature" (802 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.