Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20111111155818.GA26968@openwall.com>
Date: Fri, 11 Nov 2011 19:58:18 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: NTLM challenge/response cracking (again...)

On Fri, Nov 11, 2011 at 04:42:40PM +0100, rootkit rootkit wrote:
> http://www.openwall.com/lists/john-users/2010/07/09/1
> 
> However there's something I don't understand: does the NETLM cracking
> work only if the challenge is 1122334455667788? Would it work for any
> challenge?

It is supposed to work for other challenges as well, but then you won't
get "matching salts", so cracking of multiple C/R pairs will be slower.

> I'm asking this because I tried to crack my own account (of which I
> know the password) using a dictionary with my password in it, and it
> didn't work. And it did not work with brute force either.

Can you please post this sample C/R pair and the corresponding password
(change it again before posting, indeed)?  Also, it might help if you
include some info on the systems involved (such as versions of Windows).

Thanks,

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.