Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAPS+U98phx-uJeU8_c2L=sEP18Pd4aBvwDoKWa=Fhg8pVtPP-A@mail.gmail.com>
Date: Tue, 14 Jan 2014 12:48:29 +1300
From: Pedro Worcel <pedro@...cel.com>
To: john-users@...ts.openwall.com
Subject: Re: Cracking MSChap v2

Thanks for this, I enjoyed the read.


2014/1/14 Rich Rumble <richrumble@...il.com>

> On Mon, Jan 13, 2014 at 5:54 PM, Rob Fuller <jd.mubix@...il.com> wrote:
> > Looked through the source and mailing list, but couldn't find it, has
> there
> > been any work on cracking NetNTLMv1 down to NTLM hashes?
> >
> >
> http://markgamache.blogspot.com/2013/01/ntlm-challenge-response-is-100-broken.html
> > https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/
> That blog post was grandstanding pure an simple, ntlmv1 has been
> broken well before that blog post, by plenty of others.Every cracker
> I've ever used broke the challange and the password, l0pht was first,
> cain is still good. I just re-read the post (I even have an old
> comment on it when it came out), I don't see what the fuss was about
> with that blog post, other than it got some attention, when reading it
> all I can think about is:
> http://www.quickmeme.com/it-is-known
> I believe there are patches for NetNTLMv1 in the Jumbo versions of JtR
> http://www.openwall.com/lists/john-users/2010/07/09/1
> https://www.google.com/search?q=site%3Aopenwall.com+netntlm
> -rich
>



-- 
GPG: http://is.gd/droope <http://is.gd/signature_>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.