PaulDotCom mailing list archives

Re: Password auditing

From: Robin Wood <robin () digininja org>
Date: Thu, 18 Aug 2011 21:16:45 +0100

On 18 August 2011 18:36, Gibson, Samuel <gibsons () my uwstout edu> wrote:

Hello,



I was wondering if anyone knows of a way to crack passwords for an audit
that would reveal the passwords that were cracked but not the username
associated with the password.


It depends on what format the passwords are in. Some crackers, such as
oclHashcrack, don't take usernames, just hashes so you have to strip
the usernames from the hashes. Others, such as ophcrack cracking NTLM,
take a pwdump format file but you could easily do a search and replace
with something like perl -p -i -e or sed to replace all the usernames
with dummy values.

Robin



Thanks,

Sam

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

Password auditing Gibson, Samuel (Aug 18)
- Re: Password auditing Tim Krabec (Aug 18)
- Re: Password auditing Ryan Sears (Aug 18)
- Re: Password auditing Robin Wood (Aug 18)