Message-Id: <12FE4A18-5438-47E1-844F-B6887BE2492E@gmail.com>
Date: Mon, 22 Aug 2011 22:51:14 +0200
From: Roland <roland0509@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: password with the sign "#"
Thank you for the information.
But I don't understand the difference between LM hashes and NT hashes. Where could I read more about that?
I dumped the SAM and the SYSTEM file from my Win7 system with "pwdump7".
--
LG Roland
On Aug 22, 2011, at 7:58 PM, Solar Designer wrote:
> On Mon, Aug 22, 2011 at 07:46:24PM +0200, Roland wrote:
>> I have my password in the wordlist, but it doesn't work right. How long does it take to crack the whole wordlist?
>
> If you have the password in the wordlist, then it should get cracked
> almost instantly. (We're talking fast hashes here - either LM or NT.)
>
>> If I type ./john dump-file john checks the wordlist?
>
> Not exactly. This invokes three cracking modes in order, one of which
> uses password.lst as its wordlist. To simply run your wordlist, use:
>
> ./john --wordlist=WORDLIST-FILE PWDUMP-FILE
>
> of course, replacing WORDLIST-FILE and PWDUMP-FILE with proper filenames.
>
> To run your wordlist with rules (which may be needed to crack the second
> half of the LM hash), use:
>
> ./john --wordlist=WORDLIST-FILE --rules PWDUMP-FILE
>
> To crack the NT hash instead (case-sensitive), use:
>
> ./john --format=nt --wordlist=WORDLIST-FILE PWDUMP-FILE
>
> (with a -jumbo version of JtR).
>
> It is also possible to crack the NT hash after having cracked the LM hash:
>
> ./john --show PWDUMP-FILE | cut -f2 -d: | ./john --format=nt --pipe --rules=nt PWDUMP-FILE
>
> This requires very recent -jumbo for the "--pipe" option, or you may
> use an older version with an intermediate file.
>
> Alexander
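
An added example, not part of the original messages: a small audit script that reads pwdump-style lines (`user:rid:lmhash:nthash:::`) and reports which hash type each account actually stores, which decides whether the LM-first approach or the `--format=nt` run quoted above applies. The sample records and the names `classify` and `audit` are constructed for illustration; the only real values are the well-known empty-LM-half and empty-NT constants.

```python
import re

# Well-known constants: LM hash of an empty 7-character half, NT hash of "".
EMPTY_LM_HALF = "aad3b435b51404ee"
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"
HEX32 = re.compile(r"[0-9a-f]{32}")


def classify(line):
    """Classify one pwdump-style record: user:rid:lmhash:nthash:::"""
    fields = line.strip().split(":")
    if len(fields) < 4:
        return None  # not a pwdump record
    user, lm, nt = fields[0], fields[2].lower(), fields[3].lower()
    # A field that is not 32 hex digits (e.g. a "NO PASSWORD***" filler)
    # or that equals the empty LM hash means no usable LM hash is stored.
    has_lm = bool(HEX32.fullmatch(lm)) and lm != EMPTY_LM_HALF * 2
    has_nt = bool(HEX32.fullmatch(nt))
    notes = []
    if has_lm:
        notes.append("LM hash stored (case-insensitive, two 7-character halves)")
        if lm[16:] == EMPTY_LM_HALF:
            notes.append("second LM half is empty: password is at most 7 characters")
    if has_nt and nt == EMPTY_NT:
        notes.append("NT hash of the empty password")
    hash_type = "LM" if has_lm else ("NT" if has_nt else None)
    return {"user": user, "hash_type": hash_type, "notes": notes}


def audit(text):
    """Classify every record in a pwdump-style dump, skipping other lines."""
    return [rec for rec in map(classify, text.splitlines()) if rec]


# Constructed sample records; hash values are made up except the two constants.
SAMPLE = """\
alice:1001:NO PASSWORD*********************:00112233445566778899aabbccddeeff:::
bob:1002:0123456789abcdefaad3b435b51404ee:ffeeddccbbaa99887766554433221100:::
guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
"""

if __name__ == "__main__":
    for rec in audit(SAMPLE):
        print(rec["user"], rec["hash_type"], "; ".join(rec["notes"]))
```

Windows Vista and later do not store LM hashes by default, so a dump from such a system typically contains only NT hashes.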