Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 29 Mar 2011 11:33:14 -0300
From: Nahuel GrisolĂ­a <nahuel.grisolia@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: NTLM hash, is it cracked ?

Yes, "aad3b435b51404eeaad3b435b51404ee" is an empty LM hash.

try --format=nt to force it to try to crack the NTLM one.

Nahuel.

On 29 March 2011 11:29, websiteaccess@...il.com <websiteaccess@...il.com>wrote:

> Hi
>
>  With JTR 1.7.6, I try to crack this hash (NTLM)
>
>
>
> Administrator:500:aad3b435b51404eeaad3b435b51404ee:72747c41396cbbec4203686b40a88670:::
>
>
> I did and get :
>
> iMac-de-xxx-xx:run xxxxx$ ./john -i:all ntlm.txt
> Loaded 1 password hash (LM DES [128/128 BS SSE2])
> Warning: MaxLen = 8 is too large for the current hash type, reduced to 7
> Warning: mixed-case charset, but the current hash type is
> case-insensitive;
> some candidate passwords may be unnecessarily tried more than once.
>                 (Administrator)
> thread:  0 guesses:  1 time: 0:00:00:00  c/s: 8960  trying: SHELARD -
> SPACY
>
> - Is JTR detected it's a NTLM hash (I see : password hash (LM DES
> [128/128 BS SSE2])) ?
> ?
> - Is the plaintext is "empty" ?
>
>  W/A/
>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.