Full Disclosure mailing list archives
Re: Best way to crack NT passwds
From: David Chastain <dlcmacosx () mac com>
Date: Mon, 01 Aug 2005 10:39:24 -0700
If you have physical access - Try BartPE

On Saturday, July 30, 2005, at 06:37AM, Paul Farrow <augm58 () dsl pipex com> wrote:

> Yup, after I posted that I read your post. Have to admit, searching a table full of hashes would be a hell of a lot quicker than cracking it manually :] But then again, I rarely crack any hashes (good memory for my own passwords), but for anything md5 I use passcracking.net/com. But I suppose it wouldn't be difficult to code up a quick php page to fill a mysql dbase with incremental hashes generated on the fly... might look into it (even though it's no doubt been done), fun project for a rainy day I suppose.
>
> ad () class101 org wrote:
>
> > rainbow crack finds this pass "Test0r" in 5-10sec and you don't need a huge machine to get it. If you like John the Ripper, I heavily suggest you generate your tables and start using rbcrack, because you are losing your time on john, believe me :)
> >
> > At 12:25 30/07/05, Paul Farrow wrote:
> >
> > > Chances are the system used by the website was a multi-processor beast of a machine, able to maximise cpu time to cracking the passwords. If you can get the password hash, then your best bet is to run it through jtr (john the ripper).
> > >
> > >     C:\toolkit\passwords\pwdump> pwdump2
> > >     Administrator:500:62b239ea3de3b4142e04d2d295f821b0:a929535485de3b5088923fd58d02cca2:::
> > >     ASPNET:1000:f5052a93de1b6a7848d83fff52bb5c55:264d62a5f32f74bb6df2642a514fd17f:::
> > >     Guest:501:d9dce10ca0c8ba7baad3b435b51404ee:672e556cf53bf2a83c36bead6383212b:::
> > >     __vmware_user__:1002:aad3b435b51404eeaad3b435b51404ee:69deddc712c272b33e31fae0f4b82a73:::
> > >     C:\toolkit\passwords\pwdump> pwdump2 > passwords.dump
> > >     C:\toolkit\passwords\john>john -incremental passwords.dump
> > >     Loaded 4 passwords with no different salts (NT LM DES [24/32 4K])
> > >     TEST0R (Administrator:2)
> > >     guesses: 1 time: 0:00:00:20 c/s: 9045001 trying: PMSBRK - HLEYKL
> > >
> > > That's on a 1.987mhz AMD processor in windows 2000, running about 30 other things at once. Hope this helps.
> > >
> > > X u r r o n wrote:
> > >
> > > > hiya! I have tried many softwares for cracking NTLM hashes, like NC4, Cain, and haven't tried Rainbow Crack yet.
> > > > Once I had to recover my XP's lost admin password and I spent around 1 day, but Cain/NC4 were not able to guess it. Then I posted those hashes on some site and it did recover my passwd in around 5min. I want to know which technique they used to crack so fast?
> > > >
> > > > Xurron

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
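An added example, not part of the original thread: the pwdump2 output quoted above has the form `user:RID:LM:NT:::`, and the "NT LM DES" line shows John working on the LM column. LM hashes each 7-character half of the password separately, and an empty half always hashes to `aad3b435b51404ee`, so an audit script can report which accounts still store an LM hash without touching the password itself. The function names and finding labels below are assumptions made for this sketch.

```python
import re

EMPTY_HALF = "aad3b435b51404ee"  # LM hash of an empty 7-character half
LINE_RE = re.compile(r"^([^:]+):(\d+):([^:]*):([^:]*):")

# The four pwdump2 lines quoted in the thread, with the mail line-wraps rejoined.
SAMPLE_DUMP = """\
Administrator:500:62b239ea3de3b4142e04d2d295f821b0:a929535485de3b5088923fd58d02cca2:::
ASPNET:1000:f5052a93de1b6a7848d83fff52bb5c55:264d62a5f32f74bb6df2642a514fd17f:::
Guest:501:d9dce10ca0c8ba7baad3b435b51404ee:672e556cf53bf2a83c36bead6383212b:::
__vmware_user__:1002:aad3b435b51404eeaad3b435b51404ee:69deddc712c272b33e31fae0f4b82a73:::
"""


def audit_line(line):
    """Return (user, rid, finding) for one pwdump line, or None if it does not parse."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    user, rid, lm, _nt = m.groups()
    lm = lm.lower()
    if not re.fullmatch(r"[0-9a-f]{32}", lm):
        finding = "lm-field-not-a-hash"       # some dump tools print a text marker here
    elif lm == EMPTY_HALF * 2:
        finding = "no-lm-hash"                # LM storage off, or password over 14 chars
    elif lm[16:] == EMPTY_HALF:
        finding = "lm-stored-password-7-or-fewer-chars"
    else:
        finding = "lm-stored-password-8-to-14-chars"
    return user, int(rid), finding


def audit_dump(text):
    """Audit every non-blank line of a pwdump-style dump, skipping unparseable lines."""
    results = (audit_line(l) for l in text.splitlines() if l.strip())
    return [r for r in results if r is not None]


if __name__ == "__main__":
    for user, rid, finding in audit_dump(SAMPLE_DUMP):
        print(f"{user:<18} rid={rid:<5} {finding}")
```

Any account reported as `lm-stored-*` is exposed to the table lookups discussed in the thread; the Windows policy "Network security: Do not store LAN Manager hash value on next password change" stops new LM hashes from being written.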