Penetration Testing mailing list archives

Re: L0phtcrack

From: Nicolas Gregoire <nicolas.gregoire () 7thzone com>
Date: Wed, 19 Sep 2001 10:29:48 +0200

I have not seen JtR unpatched[1] come up with 'NT passwords' yet (the
case-sensitive kind), but I use vanilla JtR in conjunction with Cain[2] -
have JtR crack the LanMan hash, spit out all-uppercase password.


Personnaly, I use JtR in order to recover the case insensitive passwords
from the pwdump output, and I feed these passwords to a little Perl
script creating a list of all possibles cases for the passwords.
Then, I use this dictionnary in LC3 to get the exact password.

Nicob

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

L0phtcrack Jim Miller (Sep 12)
- Re: L0phtcrack Nexus (Sep 12)
- Re: L0phtcrack Gurney Halleck (Sep 12)
  - Re: L0phtcrack Fred Mobach (Sep 18)
- Re: L0phtcrack hellNbak (Sep 12)
- Re: L0phtcrack Anders Thulin (Sep 18)
- <Possible follow-ups>
- RE: L0phtcrack Ockens Thomas (Sep 18)
  - Re: L0phtcrack Nicolas Gregoire (Sep 19)
  - Re: L0phtcrack olle (Sep 20)