Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [PEN-TEST] admin rights on an IIS 5.0 with unicode bug?

From: Renato Ettisberger <renato.ettisberger () CH PWCGLOBAL COM>
Date: Wed, 28 Mar 2001 11:58:27 +0200
wrote:


Correct me if I'm wrong.
But this is a LM Hash.


I don't think so. I can't use L0phtcrack to crack the password.  I used a
tool, which reads
the registry keys and dumps the password hashs to the console in crude
form.
But I have no idea how I can crack this password hashs

Output of the tool :

Dumping SAM for RID 500...

F:0x02002000000000000000000000000000000000000....
V:0x00000000a800000....................................................................................................................................................

Any ideas

regards
Renato


1st 8 bytes are derived from the first seven characters of the password

and

the second 8 bytes are derived from the 8th through 14th characters of the
password.



L0phtCrack could crack it.



More information take a look in the l0phtcrack docs.

[]s






----------------------------------------------------------------
The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material.  Any review, retransmission, dissemination or other use of, or
taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited.   If you received
this in error, please contact the sender and delete the material from any
computer.
Previous By Date Next
Previous By Thread Next

Current thread: