Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAP4Wu7V_+b=T=LJLJ-ipLzoBVHmXw8oHKicVNkN=ri54JpFHVw@mail.gmail.com>
Date: Fri, 11 Nov 2011 16:42:40 +0100
From: rootkit rootkit <rootkit77@...il.com>
To: john-users@...ts.openwall.com
Subject: NTLM challenge/response cracking (again...)

Hello list,

I have a few NTLM C/R proxy authentications sniffed with ettercap and
I'm trying to crack them. They look like the usual:

user:::LM:NTLM:CHALLENGE

The challenge changes every time as this is just a sniff.

Information on this topic are very difficult to find. At the beginning
I was thinking about generating rainbow tables for each different
CHALLENGE, but that would be really too much.

I then came across this very useful post from Alex

http://www.openwall.com/lists/john-users/2010/07/09/1

However there's something I don't understand: does the NETLM cracking
work only if the challenge is 1122334455667788? Would it work for any
challenge?

I'm asking this because I tried to crack my own account (of which I
know the password) using a dictionary with my password in it, and it
didn't work. And it did not work with brute force either.

Thanks.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.