Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sun, 14 Aug 2011 22:45:04 -0400
From: Erik Winkler <ewinkler@...ls.com>
To: john-users@...ts.openwall.com
Subject: Re: MSSQL Hash Format in JTR

I refer you to the following URL for a good description of SQL 2005 and 2000 hashes.

http://hkashfi.blogspot.com/2007/08/breaking-sql-server-2005-hashes.html


> Now the question is, when I check the candidate passwords that are being tried by JTR against these hashes, they are all in Uppercase. Why is that so?
> 
> Are the MSSQL 2000 hashes supposed to be case insensitive?
> 
> Another question, which relates to the same topic is.
> 
> When I try to crack multiple MSSQL hashes with JTR version 1.7.7 jumbo 1,
> 
> I notice that, it tries some weird combination of characters and not the actual wordlist passwords.
> 
> Also, it tries to bruteforce only the first hash in the hash list. Remaining hashes are ignored.
> 
> Is this is a known bug since I couldn't find it listed anywhere in the mailing list, so I have opened this new topic.
> 
> Regards,
> NeonFlash
> 
>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.