Full Disclosure mailing list archives
Re: Best way to crack NT passwds
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Sat, 30 Jul 2005 13:24:51 +0400
Dear X u r r o n,

You needn't actually crack the password if you know your hash, because the cleartext password is never used in a Windows environment. You could apply this patch to md4.c from the Samba distribution:

--- md4.c.orig 2004-04-04 11:37:00.000000000 +0400 +++ md4.c 2004-10-27 23:01:31.000000000 +0400 @@ -130,6 +130,21 @@ C = 0x98badcfe; D = 0x10325476; + + if(n == 64){ + int j; + unsigned char * hexd = (unsigned char *)"0123456789ABCDEF"; + for(j = 0; j<16; j++){ + if(!strchr(hexd, in[(j<<2)]))break; + if(in[(j<<2)+1])break; + if(!strchr(hexd, in[(j<<2)+2]))break; + if(in[(j<<2)+3])break; + out[j] = ((strchr(hexd, in[(j<<2)]) - (char *)hexd)<<4); + out[j] ^= (strchr(hexd, in[(j<<2)+2]) - (char *)hexd); + } + if(j == 16) return; + } + while (n > 64) { copy64(M, in); mdfour64(M);

And change your password with Samba utilities by entering the NT password hash (in HEX) instead of the password when prompted.

--Saturday, July 30, 2005, 12:15:47 PM, you wrote to full-disclosure () lists grok org uk:

Xurron> hiya!
Xurron> I have tried many softwares for cracking NTLM hashes, like NC4, Cain and haven't tried Rainbow Crack yet.
Xurron> Once I had to recover my XP's lost admin password and I spent around 1 day but Cain/NC4 were not able to guess that. Then I posted those hashes on some site and it did recover my passwd in around 5min. I want to know which technique they used to crack so fast?
Xurron>
Xurron> Xurron

--
~/ZARAZA
http://www.security.nnov.ru/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
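
Review bot: the digit check inside the added for loop does not reject a zero byte, because strchr(hexd, 0) returns a pointer to the string terminator rather than NULL, so `if(!strchr(hexd, in[(j<<2)]))break;` falls through and the nibble computed from that pointer is 16, outside the 0..15 range. Test for a zero byte explicitly before each lookup, or search only the 16 digit characters with a bounded lookup. The n == 64 branch also sits in the hash routine itself with no comment: any 64-byte input made of 32 uppercase hex characters in two-byte units returns the decoded bytes instead of an MD4 digest, which includes a genuine password of that shape, while lowercase hex is not matched and is hashed as an ordinary string. A comment stating that this input is treated as an already computed hash, and that the NT hash is therefore accepted as a password equivalent, would make the changed behaviour visible to anyone auditing the file.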