Penetration Testing mailing list archives

Re: Re: AD password Auditing

From: David Cravshaw <david.cravshaw () gmail com>
Date: Tue, 16 Aug 2005 11:24:58 -0500

I'm pretty sure that if you import the hashes to cain
(http://www.oxid.it/), and then "test password", it will determine the
proper case of the NTLM password.

On 8/16/05, yfs us <yfs_168us () yahoo com> wrote:

Hi All,

    Is there a tool that could generate a list of case
sensativity for any
giving word ? The reason
I'm asking is I found out that the LM hash actually
contains the NTLM
password but one need
to try the case sensativity on it.

Cheers

----- Original Message -----
From: <gcehrh () hotmail com>
To: <pen-test () securityfocus com>
Sent: Friday, August 12, 2005 11:22 PM
Subject: Re: Re: AD password Auditing

If you've cracked the LM hash why would you want to

crack the NTLM hash,
unless you're looking for case sensativity?

--------------------------------------------------------------------------
----

FREE WHITE PAPER - Wireless LAN Security: What

Hackers Know That You Don't


Learn the hacker's secrets that compromise wireless

LANs. Secure your

WLAN by understanding these threats, available

hacking tools and proven

countermeasures. Defend your WLAN against

man-in-the-Middle attacks and

session hijacking, denial-of-service, rogue access

points, identity

thefts and MAC spoofing. Request your complimentary

white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801

--------------------------------------------------------------------------
-----





____________________________________________________
Start your day with Yahoo! - make it your home page
http://www.yahoo.com/r/hs


------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------


------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------

Current thread:

RE: AD password Auditing, (continued)
- RE: AD password Auditing Cedric.Baechler (Aug 08)
- Re: RE: AD password Auditing gcehrh (Aug 08)
- RE: AD password Auditing Lohan Spies (Aug 08)
- Re: RE: AD password Auditing gcehrh (Aug 11)
- Re: AD password Auditing yfs us (Aug 11)
- RE: RE: AD password Auditing Beauford, Jason (Aug 11)
- RE: AD password Auditing Distler, Dennis (Aug 12)
- Re: Re: AD password Auditing gcehrh (Aug 12)
- RE: RE: AD password Auditing Rochford, Paul (Aug 12)
- Re: Re: AD password Auditing yfs us (Aug 16)
  - Re: Re: AD password Auditing David Cravshaw (Aug 16)