Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 22 Aug 2011 22:51:14 +0200
From: Roland <>
Subject: Re: password with the sign "#"

Thank you for the Information.

But I don't understand the difference between LM hashes and NT hashes. Where could I read more about that?

I dumped the SAM and the SYSTEM file from my Win7 System with "pwdump7"

LG Roland

On Aug 22, 2011, at 7:58 PM, Solar Designer wrote:

> On Mon, Aug 22, 2011 at 07:46:24PM +0200, Roland wrote:
>> I have my Password in the Wordlist, but it don't work right. How long does it take to crack the whole wordlist?
> If you have the password in the wordlist, then it should get cracked
> almost instantly.  (We're talking fast hashes here - either LM or NT.)
>> If I type ./john dump-file john checks the wordlist?
> Not exactly.  This invokes three cracking modes in order, one of which
> uses password.lst as its wordlist.  To simply run your wordlist, use:
> ./john --wordlist=WORDLIST-FILE PWDUMP-FILE
> of course, replacing WORDLIST-FILE and PWDUMP-FILE with proper filenames.
> To run your wordlist with rules (which may be needed to crack the second
> half of the LM hash), use:
> ./john --wordlist=WORDLIST-FILE --rules PWDUMP-FILE
> To crack the NT hash instead (case-sensitive), use:
> ./john --format=nt --wordlist=WORDLIST-FILE PWDUMP-FILE
> (with a -jumbo version of JtR).
> It is also possible to crack the NT hash after having cracked the LM hash:
> ./john --show PWDUMP-FILE | cut -f2 -d: | ./john --format=nt --pipe --rules=nt PWDUMP-FILE
> This requires very recent -jumbo for the "--pipe" option, or you may
> use an older version with an intermediate file.
> Alexander

Download attachment "signature.asc" of type "application/pgp-signature" (802 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.