Re: Brute-forcing cached Windows login password hashes
- From: wymerzp@xxxxxxx
- Date: 26 Jul 2007 12:51:11 -0000
I know for a fact that rainbow tables won't work IF the passwords are salted.
Salt is used to randomize the stored password hash. With different salt value, same password yeilds different hash value. The time-memory trade-off technique used by RainbowCrack is not practical when appliable to this kind of hash.
http://www.antsight.com/zsl/rainbowcrack/faq.htm
You will have the patch depending on what version of JTR you have:
[T]o add support for cracking of sniffed LM/NTLMv1 challenge/response exchanges to John the Ripper. The patch is now listed on John the Ripper homepage and it is a part of the latest revision of the jumbo patch for John the Ripper 1.7.2.
http://www.openwall.com/
I believe that the patch exists here:
http://www.foofus.net/~jmk/tools/jtr/john-1.7.2-all-netlm-netntlm-jmk-2.diff
Good Luck,
Zach
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
- Prev by Date: RE: Brute-forcing cached Windows login password hashes
- Next by Date: Re: Breaking from MySQL to Linux system (SQL Injection).
- Previous by thread: SV: Brute-forcing cached Windows login password hashes
- Next by thread: server port hardening assessment
- Index(es):
