Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

smb_sniffer module question

From: nicolas.ruff at gmail.com (Nicolas RUFF)
Date: Wed, 13 Dec 2006 21:59:26 +0100
The format is the "old style" L0phtcrack challenge-response capture. You 
can import this into LC, but I don't know what other tools support 
challenge-response cracking or what format they accept it. Since 
l0pthcrack is commercial and obsolete, I would like to change this format 
to be accepted by a free/oss cracking application instead. Besides Cain, 
are there any suggestions for apps that can crack challenge-response 
hashes?


        Hello,

As pointed before:
http://metasploit.com/archive/framework/msg00799.html

The LCP free tool is able to crack LM/NTLM challenge/response:
http://www.lcpsoft.com/english/index.htm

The input file format is:
username:3:challenge:lm_reponse:ntlm_response

BTW, a fixed challenge (0x41414141...) is nice for using rainbow tables,
but it has not been done yet :(

Regards,
- Nicolas RUFF
Previous By Date Next
Previous By Thread Next

Current thread: