Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 11 Nov 2011 16:42:40 +0100
From: rootkit rootkit <>
Subject: NTLM challenge/response cracking (again...)

Hello list,

I have a few NTLM C/R proxy authentications sniffed with ettercap and
I'm trying to crack them. They look like the usual:


The challenge changes every time as this is just a sniff.

Information on this topic are very difficult to find. At the beginning
I was thinking about generating rainbow tables for each different
CHALLENGE, but that would be really too much.

I then came across this very useful post from Alex

However there's something I don't understand: does the NETLM cracking
work only if the challenge is 1122334455667788? Would it work for any

I'm asking this because I tried to crack my own account (of which I
know the password) using a dictionary with my password in it, and it
didn't work. And it did not work with brute force either.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.