lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <42EB5597.2020708@dsl.pipex.com>
Date: Sat Jul 30 11:30:40 2005
From: augm58 at dsl.pipex.com (Paul Farrow)
Subject: Best way to crack NT passwds

Chances are the system used by the website was a multi-processor beast 
of machine, able to maximise cpu time to cracking the passwords.
If you can get the password hash, then your best bet is to run it 
through jtr(john the ripper).

C:\toolkit\passwords\pwdump> pwdump2
Administrator:500:62b239ea3de3b4142e04d2d295f821b0:a929535485de3b5088923fd58d02cca2:::
ASPNET:1000:f5052a93de1b6a7848d83fff52bb5c55:264d62a5f32f74bb6df2642a514fd17f:::
Guest:501:d9dce10ca0c8ba7baad3b435b51404ee:672e556cf53bf2a83c36bead6383212b:::
__vmware_user__:1002:aad3b435b51404eeaad3b435b51404ee:69deddc712c272b33e31fae0f4b82a73:::

C:\toolkit\passwords\pwdump> pwdump2 > passwords.dump
C:\toolkit\passwords\john>john -incremental passwords.dump
Loaded 4 passwords with no different salts (NT LM DES [24/32 4K])
TEST0R              (Administrator:2)
guesses: 1  time: 0:00:00:20  c/s: 9045001  trying: PMSBRK - HLEYKL


Thats on a 1.987mhz AMD processor in windows 2000, running about 30 
other things at once.


Hope this helps.

X u r r o n wrote:

> hiya!
> I have tried many softwares for cracking NTLM hashes, like NC4, Cain 
> and have't tried Rainbow Crack yet.
> Once i had to recover my XPs lost admin password and i spend around 1 
> day but Cain/NC4 were not able to guess that. Then i posted that 
> hashes on some site and it did recover my passwd in around 5min. I 
> want to know which technique they used to crack so fast ?
>
> Xurron
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ