Date: Fri, 11 Nov 2011 23:16:57 +0100 From: rootkit rootkit <rootkit77@...il.com> To: john-users@...ts.openwall.com Subject: Re: NTLM challenge/response cracking (again...) On Fri, Nov 11, 2011 at 6:29 PM, magnum <john.magnum@...hmail.com> wrote: >> Information on this topic are very difficult to find. At the beginning >> I was thinking about generating rainbow tables for each different >> CHALLENGE, but that would be really too much. > > It would miss the whole point of rainbow tables. In short, if you do not > already have the tables, cracking with JtR will be quicker. True. At the time I didn't know john could crack it (or better, I didn't know I needed the jumbo patch). >> However there's something I don't understand: does the NETLM cracking >> work only if the challenge is 1122334455667788? Would it work for any >> challenge? > > JtR works for any challenge. That particular challenge stems from some > old public attacks where the challenge was forced to this value, thereby > making the salt (challenge) "worthless". That was more or less my guess, thanks for confirming. > And, because of this, I'm > pretty sure there are rainbow tables for that very challenge. Yes, I have seen some around. > Like Solar said, post some example hashes. It should work if you do it > right - at least if you run JtR version 1.7.7-jumbo-5 or newer. Earlier > versions had a variety of shortcomings and was also substantially slower > for these hashes. Done in the other post. Thanks for your answer magnum.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.