Security Basics mailing list archives
RE: Password hashs issue
From: krymson () gmail com
Date: 14 Feb 2008 19:21:39 -0000
1) Your question seems suspicious to me. If you own the passwords to these accounts already and are just doing security audits, having it take months is not a problem. That's the nature of cracking passwords: it takes time. Often password/hash vulnerabilities remain theoretical yet possible simply due to lack of time to have a cracker running. Who wants to pay you for twiddling your thumbs for months?

2) Here are some links that may help you:

http://www.plain-text.info/faq/
http://en.wikibooks.org/wiki/Reverse_Engineering/Cracking_Windows_XP_Passwords
http://www.rainbowtables.net/tutorials/cryptanalisys.php

And this might be very helpful in your case:

http://www.hackerthreads.org/phpbb/viewtopic.php?t=25803&sid=843daea2d0814a41fbe141fb6932a7f5

<- snip ->

Hi,

The thing is that cracking the hashes with Cain will take months! I just can't understand why www.plain-text.info won't accept my hashes; it tells me that it's the wrong format!

Thanks a lot!

Juan

--- Timmothy Lester <Timmothy.Lester (at) primeadvisors (dot) com [email concealed]> wrote:
I believe you right-click >> add to password list >> then go to the password cracker thingy and right click them and choose the various options "brute force" "dictionary". I could be wrong.

-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of Juan B
Sent: Wednesday, February 13, 2008 10:15 AM
To: security basics
Subject: Password hashs issue

Hi,

I installed a sniffer (cain) in the lan and captured those hashes:

Now cain tells me that the first part is LM hash and the second part is NT hash. It also shows NT challenge for all of the passwords; for the first 3 users it says that the type is NTLM session security and for the rest they are LN & NTLM + challenge.

I want to find out what the passwords are, so I tried to paste those hashes in plain-text.info, but it tells me that it's the wrong format. What am I doing wrong?

Please help!

Juan