Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CANWtx006XesH2C1Grf7od6-q6t_1va0+GzYnf57mrK8b6NTLiA@mail.gmail.com>
Date: Tue, 14 Jan 2014 08:24:08 -0500
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Cracking MSChap v2

On Tue, Jan 14, 2014 at 7:25 AM, Richard B. Tilley <brad@....us> wrote:
> Rich,
>
> I agree with your assessment and have seen these tools in use by bad guys on networks. Mimikatz can dump domain credentials, too, if a user has authenticated to the machine (where Mimikatz is running) using domain credentials. If a domain or enterprise admin authenticates, the rest is history.
>
> That's all I had. Hope this is not too off-topic for john-users. My apologies if it is.
Bottom line is JtR doesn't bruteforce or strip the elements off the
challenge response like CloudCracker can and leave you with just the
hash. Since JtR has it's roots in weak password finding, and NTLM is
very fast, you could potentially recover the plain-text password in a
reasonable amount of time rather than "pass the hash". Someone on here
I'm sure could create a patch, JtR arguably has the fastest DES code
out there, so maybe this could be a patch for JtR. I think this was a
good discussion and JtR appropriate. It almost sounds like you could
script the task, but I'm no programmer so I'm probably way off on that
:)
-rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.