cracking sniffed hashs issue

From: Juan B <juanbabi@xxxxxxxxx>
Date: Wed, 13 Feb 2008 07:13:29 -0800 (PST)

Hi,

I installed a sniffer (cain) in the lan and captured
those hashes:

osem\admin:"":"":C0486DB4163A37A100000000000000000000000000000000:4A38D0EBABB88EED889E65B54991DD13012394965AC9D022:77D205A26EFBE92D
osem\support:"":"":BBCCBAD529AE258800000000000000000000000000000000:9FBFAB6785A7EAF41AD0DE20F285AC9DBA945EC20C3AE1Bosem\user_analyst:"":"":2E158D68FD3B262200000000000000000000000000000000:842F9192A7190AF20158FCB4B3E3A5E5D0BE2E7DE5C392B0:7D1D7EF0DD3920A0
osem\LDAP_anonymous:"":"":DE3D8AFCD5D2FE8A00000000000000000000000000000000:8DA07C7F7F3BC38CECFCBDDA3186BE66EA9685FE7B061172:5A128695BF6DD28F
osem\administrator:"":"":76BE5E6E99AA009F97F702A69C5B9BFCDC09EBBA9F40F700:B4EBBC575171CB781859CB23279A6941981FABCD17399457:71E69612101A3557
osem\Manager:"":"":E3D22494A6388F62287F810F06B81555495AEF4F7773738A:80A123BA224D5514AA12BA6AF9697A8B110AB358A03F0D80:9361278F0206A59F

Now cain tells me that the first part is LM hash and
the second part is NT hash it also shows nt challenge
for all of the passwords,for the first 3 users it says
that the type is NTLM session security and for the
rest they are LN & NTLM + challenge.
I want to find out what are the passwords so I tried
to paste those hashes in plain-text.info but it tells
me that its the wrong format, what an I doning wrong ?
please help!

Juan

____________________________________________________________________________________
Never miss a thing. Make Yahoo your home page.
http://www.yahoo.com/r/hs

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Prev by Date: Progress Database Audit/Pentest
Next by Date: Re: Suspecious JPEG Files
Previous by thread: Progress Database Audit/Pentest
Next by thread: Tool - RunAsUser v0.5 released
Index(es):
- Date
- Thread

Relevant Pages

RE: Pass the hash
... Subject: Pass the hash ... I have an email hack that sends the Windows ... Using CAIN I can get the suite of NTLMSSP ... Since these hashes are not the same as ...
(Pen-Test)
Password hashs issue
... I installed a sniffer (cain) in the lan and captured ... the second part is NT hash it also shows nt challenge ... that the type is NTLM session security and for the ... to paste those hashes in plain-text.info but it tells ...
(Security-Basics)
RE: Password hashs issue
... The thing is that cracking the hashes with Cain will ... the second part is NT hash it also shows nt ... that the type is NTLM session security and for the ...
(Security-Basics)
Pass the hash
... I have an email hack that sends the Windows ... Using CAIN I can get the suite of NTLMSSP ... Since these hashes are not the same as ... and I know that Metasploit will pass the hash when it ...
(Pen-Test)
Re: Password hashs issue
... First of all I would recommend not posting full hashes to the list. ... Next I would recommend changing passwords for all of those accounts. ... I'm not sure how this works with Cain, but with LC5 you can import text files and plug away at them all day. ... that the type is NTLM session security and for the ...
(Security-Basics)