Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 12 Feb 2010 19:43:44 -0600
From: Minga Minga <mingakore@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: NTLM cracking

> I quite happily ran this command: john -show pwfile | cut -d: -f2 > cracked
>  john -w=cracked -rules -format=nt pwfile

You are doing everything right.
There is something wrong with your pwfile if you ask me.
It doesn't seem to have enough characters in the password hashes.
I would expect to see :

login:number:32_character:32_characters

you provided:

login:number:28_characters:32_characters

What version of fgdump/pwdump were you using?  (I could be wrong about this,
but I cannot get your passes to load into my version of JtR at all!).

Also try doing :
john -rules -format=nt -stdout | more
As a test to see if the rule you created is being used correctly. You
should see output such as:

iamawes
Iamawes
IAmawes
IAMawes..
etc etc etc

-Minga

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.