www.waraxe.us Forum Index -> All other hashes -> LM and NTLM Hash decryption
Page 3 of 78

Posted: Wed Mar 11, 2009 9:11 am
mic33
Regular user
Joined: Mar 09, 2009
Posts: 11

waraxe wrote:
mic33 wrote:
Thanks for your help and your time!
language is Italian.... I think there aren't "weird" characters (like ), but there are special characters i.e: $, &, , etc
Can you help me please?
You are my last hope!!!!!
I appreciate very much!!!!
Thank you!!!


I tried and with no luck ...
Only option seems to be LM bruteforce with extended charset, which includes ascii > 127.


Thanks!
I'm a beginner, but I want to ask you a question:
Yesterday I read on the internet that an LM hash contains up to 14 characters, but I'm sure my password is longer, I think it contains 16 characters... so I ask you... maybe your attack with rainbow tables might be against the NT hash?
I think there aren't "weird" characters...
Excuse me for the question....
Thanks for help!!!

Posted: Wed Mar 11, 2009 9:32 am
waraxe
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu

In case of len(pass)>14 LM hash will be empty (AAD3B435B51404EEAAD3B435B51404EE), but in your case it is not.
Now, if password really is 16 chars long, then chances are slim, that you are able to crack such NT hash.

Posted: Wed Mar 11, 2009 10:08 am
mic33
Regular user
Joined: Mar 09, 2009
Posts: 11

waraxe wrote:
In case of len(pass)>14 LM hash will be empty (AAD3B435B51404EEAAD3B435B51404EE), but in your case it is not.
Now, if password really is 16 chars long, then chances are slim, that you are able to crack such NT hash.



Oh... sorry I'm wrong.... Excuse me... I thought length pass > 14...
But if you need to decode only LM hash, why is there also NT hash?
Can you help me with LM bruteforce with extended charset, which includes ascii > 127?
Thanks! I appreciate very much!

Posted: Wed Mar 11, 2009 2:45 pm
waraxe
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu

mic33 wrote:
Oh... sorry I'm wrong.... Excuse me... I thought length pass > 14...
But if you need to decode only LM hash, why is there also NT hash?
Can you help me with LM bruteforce with extended charset, which includes ascii > 127?
Thanks! I appreciate very much!


Why are LM and NT hashes both needed ...
LM is for backward compatibility and Win2000 and WinXP usually
store both LM and NT hashes for same password. Exceptions:

1. if password len is > 14 chars, then only NT hash is used
2. in Vista LM support is disabled by default

LM hash is case insensitive, so if you got password ADMIN, then
in reality it can be admin, AdMin, admIN, etc
LM hash is based on two separate 7-char long password parts,
so LM cracking is much easier compared to NT hash.

About cracking with extended charset ...
For example Cain can crack LM hashes and does support
custom charset, so probably it's able to do the work.
But expect very poor performance for such cracking, because
it's directly related to charset size.
Maybe EGB NT hash bruteforce is able to do same work, but
I'd prefer LM cracking, because you have better chances for
success with it.

Posted: Thu Mar 12, 2009 7:08 am
mic33
Regular user
Joined: Mar 09, 2009
Posts: 11

waraxe wrote:
Why are LM and NT hashes both needed ...
LM is for backward compatibility and Win2000 and WinXP usually
store both LM and NT hashes for same password. Exceptions:

1. if password len is > 14 chars, then only NT hash is used
2. in Vista LM support is disabled by default

LM hash is case insensitive, so if you got password ADMIN, then
in reality it can be admin, AdMin, admIN, etc
LM hash is based on two separate 7-char long password parts,
so LM cracking is much easier compared to NT hash.

About cracking with extended charset ...
For example Cain can crack LM hashes and does support
custom charset, so probably it's able to do the work.
But expect very poor performance for such cracking, because
it's directly related to charset size.
Maybe EGB NT hash bruteforce is able to do same work, but
I'd prefer LM cracking, because you have better chances for
success with it.


Ok! Thanks for explanation....
Please, can you help me with this difficult crack?
thanks in advance!!!!

Posted: Thu Mar 12, 2009 8:57 am
darcsacka
Beginner
Joined: Mar 12, 2009
Posts: 4

ok i have these 2 nt hashes:

59f4f2bb98b1d46e5b1cc69e53dd0d98
59f4f2bb98b1d46e5b1cc69e53ddod98

i need the passes.....from there
anyone with an idea?..... hashes created with ophcrack from a Vista Business

thank you in advance

Posted: Thu Mar 12, 2009 3:41 pm
pierpox
Regular user
Joined: Mar 12, 2009
Posts: 7

Hi guys, I'd like to ask for some information. I tried to extract from my laptop with Windows Vista the SAM and SYSTEM files and I have loaded them with ophcrack. On the row with my user name there is just an NT HASH code, all other fields are empty. The strange thing is: calculating the hash code of my Vista login password with the MD4 or MD5 algorithm, none of these values matches that of NT HASH. So my question is: what type of information does NT HASH collect about my login password? I thought that NT HASH was the hash code of the password calculated with the MD5 or MD4 algorithm... can someone give me some advice?

Posted: Thu Mar 12, 2009 4:58 pm
darcsacka
Beginner
Joined: Mar 12, 2009
Posts: 4

yes nt hash is nt hash and md5 is md5....2 different things...2 different algorithms :)

Posted: Thu Mar 12, 2009 5:03 pm
waraxe
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu

pierpox wrote:
Hi guys, I'd like to ask for some information. I tried to extract from my laptop with Windows Vista the SAM and SYSTEM files and I have loaded them with ophcrack. On the row with my user name there is just an NT HASH code, all other fields are empty. The strange thing is: calculating the hash code of my Vista login password with the MD4 or MD5 algorithm, none of these values matches that of NT HASH. So my question is: what type of information does NT HASH collect about my login password? I thought that NT HASH was the hash code of the password calculated with the MD5 or MD4 algorithm... can someone give me some advice?


NT hash is basically md4 hash of Unicode password:

http://davenport.sourceforge.net/ntlm.html

Code:

Password:     SecREt01

The Unicode mixed-case password is "0x53006500630052004500740030003100" in hexadecimal; the MD4 hash of this value is calculated, giving "0xcd06ca7c7e10c99b1d33b7485a2ed808". This is the NTLM hash.


So if you have simple password, consisting of lower-ascii characters, then just put binary zero after every char and then take md4 hash :)

Posted: Thu Mar 12, 2009 5:28 pm
pierpox
Regular user
Joined: Mar 12, 2009
Posts: 7

waraxe wrote:
NT hash is basically md4 hash of Unicode password:

http://davenport.sourceforge.net/ntlm.html




Code:

Password:     SecREt01

The Unicode mixed-case password is "0x53006500630052004500740030003100" in hexadecimal; the MD4 hash of this value is calculated, giving "0xcd06ca7c7e10c99b1d33b7485a2ed808". This is the NTLM hash.


So if you have simple password, consisting of lower-ascii characters, then just put binary zero after every char and then take md4 hash :)


Thanks for the reply... but using this site http://tools.web-max.ca/encode_decode.php for calculating the md4 hash value of "53006500630052004500740030003100" the result is: "534fa82d2e2feb9904f143b40050b7d3". I don't understand, what is the right value?

Posted: Thu Mar 12, 2009 9:22 pm
darcsacka
Beginner
Joined: Mar 12, 2009
Posts: 4

well i have the sam and system file. any other methods than bruteforce known for cracking the pass?

Posted: Thu Mar 12, 2009 11:31 pm
waraxe
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu

pierpox wrote:
Thanks for the reply... but using this site http://tools.web-max.ca/encode_decode.php for calculating the md4 hash value of "53006500630052004500740030003100" the result is: "534fa82d2e2feb9904f143b40050b7d3". I don't understand, what is the right value?


I meant binary zero (0x00, \x00, NUL, %00), not literal zero (0x30, "0",%30).

Posted: Fri Mar 13, 2009 7:05 am
pierpox
Regular user
Joined: Mar 12, 2009
Posts: 7

waraxe wrote:
I meant binary zero (0x00, \x00, NUL, %00), not literal zero (0x30, "0",%30).


Hi, I'm sorry if I abuse your patience :oops: but can you write the right string on which I have to apply the md4 encoder? Many thanks :D

Posted: Fri Mar 13, 2009 7:19 am
mic33
Regular user
Joined: Mar 09, 2009
Posts: 11

mic33 wrote:
Ok! Thanks for explanation....
Please, can you help me with this difficult crack?
thanks in advance!!!!




Excuse me.... do you need time to decode this difficult hash?
Is it possible?
Can you help me, please?
I wait you... you are fantastic!
Thanks very much!!!!
thanks very much

Posted: Fri Mar 13, 2009 8:13 am
waraxe
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu

pierpox wrote:
Hi, I'm sorry if I abuse your patience :oops: but can you write the right string on which I have to apply the md4 encoder? Many thanks :D


Most online tools do not work properly with strings containing binary zeros, so you need local test.
For example this is NT hash calculation using Linux shell:

Code:

$ echo -n test | sed -r 's,(.),\1\x00,g' | openssl md4