 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
 |
|
 |
 Posted: Wed Mar 11, 2009 9:11 am |
 |
|
| mic33 |
| Regular user |
 |
|
| Joined: Mar 09, 2009 |
| Posts: 11 |
|
|
|
 |
|
 |
|
| waraxe wrote: | | mic33 wrote: | Thanks for your help and your time!
language is Italian.... I think there aren't "weird" characters (like ÖÄÜÕöäüõ), but there are special characters i.e: $, &, £, etc
Can you help me please?
You are my last hope!!!!!
I appreciate very much!!!!
Thanks you!!! |
I tried and with no luck ...
Only option seems to be LM bruteforce with extended charset, which includes ascii > 127. |
Thanks!
I'm a beginner, but I want ask you a question:
Yesterday I read on internet LM hash contains until 14 characters, but I'm sure my password is longer, I think it contains 16 characters... so I ask you... maybe your attack with rainbow tables might be against NT hash?
I think there aren't "weird" characters...
Excuse me for the question....
Thanks for help!!! |
|
|
|
|
|
|
|
|
| Posted: Wed Mar 11, 2009 9:32 am |
|
|
| waraxe |
| Site admin |
 |
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
In case of len(pass)>14 LM hash will be empty (AAD3B435B51404EEAAD3B435B51404EE), but in your case it is not.
Now, if password really is 16 chars long, then chances are slim, that you are able to crack such NT hash. |
|
|
|
|
| Posted: Wed Mar 11, 2009 10:08 am |
|
|
| mic33 |
| Regular user |
|
|
| Joined: Mar 09, 2009 |
| Posts: 11 |
|
|
|
|
|
|
|
| waraxe wrote: | In case of len(pass)>14 LM hash will be empty (AAD3B435B51404EEAAD3B435B51404EE), but in your case it is not.
Now, if password really is 16 chars long, then chances are slim, that you are able to crack such NT hash. |
Oh... sorry I'm wrong.... Excuse me... I thought lenght pass > 14...
But if you need to decode only LM hash, why is there also NT hash?
Can you help me with LM bruteforce with extended charset, which includes ascii > 127?
Thanks! I appreciate very much! |
|
|
|
|
|
|
|
|
| Posted: Wed Mar 11, 2009 2:45 pm |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| mic33 wrote: | | waraxe wrote: | In case of len(pass)>14 LM hash will be empty (AAD3B435B51404EEAAD3B435B51404EE), but in your case it is not.
Now, if password really is 16 chars long, then chances are slim, that you are able to crack such NT hash. |
Oh... sorry I'm wrong.... Excuse me... I thought lenght pass > 14...
But if you need to decode only LM hash, why is there also NT hash?
Can you help me with LM bruteforce with extended charset, which includes ascii > 127?
Thanks! I appreciate very much! |
Why are LM and NT hashes both needed ...
LM is for backward compatibility and Win2000 and WinXP usually
store both LM and NT hashes for same password. Exceptions:
1. if password len is > 14 chars, then only NT hash is used
2. in Vista LM support is disabled by default
LM hash is case insensitive, so if you got password ADMIN, then
in reality it can be admin, AdMin, admIN, etc
LM hash is based on two separate 7-char long password parts,
so LM cracking is much more easier compared to NT hash.
About cracking with extended charset ...
For example Cain can crack LM hashes and does support
custom charset, so probably it's able to do the work.
But expect very poor performance for such cracking, because
it's directly related to charset size.
Maybe EGB NT hash bruteforce is able to do same work, but
I'd prefer LM cracking, because you have better chances for
success with it. |
|
|
|
|
|
|
|
|
| Posted: Thu Mar 12, 2009 7:08 am |
|
|
| mic33 |
| Regular user |
|
|
| Joined: Mar 09, 2009 |
| Posts: 11 |
|
|
|
|
|
|
|
| waraxe wrote: | | mic33 wrote: | | waraxe wrote: | In case of len(pass)>14 LM hash will be empty (AAD3B435B51404EEAAD3B435B51404EE), but in your case it is not.
Now, if password really is 16 chars long, then chances are slim, that you are able to crack such NT hash. |
Oh... sorry I'm wrong.... Excuse me... I thought lenght pass > 14...
But if you need to decode only LM hash, why is there also NT hash?
Can you help me with LM bruteforce with extended charset, which includes ascii > 127?
Thanks! I appreciate very much! |
Why are LM and NT hashes both needed ...
LM is for backward compatibility and Win2000 and WinXP usually
store both LM and NT hashes for same password. Exceptions:
1. if password len is > 14 chars, then only NT hash is used
2. in Vista LM support is disabled by default
LM hash is case insensitive, so if you got password ADMIN, then
in reality it can be admin, AdMin, admIN, etc
LM hash is based on two separate 7-char long password parts,
so LM cracking is much more easier compared to NT hash.
About cracking with extended charset ...
For example Cain can crack LM hashes and does support
custom charset, so probably it's able to do the work.
But expect very poor performance for such cracking, because
it's directly related to charset size.
Maybe EGB NT hash bruteforce is able to do same work, but
I'd prefer LM cracking, because you have better chances for
success with it. |
Ok! Thanks for explaination....
Please, can you help me with this difficult crack?
thanks in advance!!!! |
|
|
|
|
|
|
|
|
| Posted: Thu Mar 12, 2009 8:57 am |
|
|
| darcsacka |
| Beginner |
|
|
| Joined: Mar 12, 2009 |
| Posts: 4 |
|
|
|
|
|
|
|
ok i have these 2 nt hashes:
59f4f2bb98b1d46e5b1cc69e53dd0d98
59f4f2bb98b1d46e5b1cc69e53ddod98
i need the passes.....from there
any1 with an ideea?..... hashes created with ophcrack from a vista buisniss
thank u in advance |
|
|
|
|
|
|
|
|
| Posted: Thu Mar 12, 2009 3:41 pm |
|
|
| pierpox |
| Regular user |
|
|
| Joined: Mar 12, 2009 |
| Posts: 7 |
|
|
|
|
|
|
|
| Hi guys, I'd like to ask an information.I tried to extract from my laptop with windows vista the SAM and SYSTEM files and I have loaded them with ophcrack.On the row with my user name there is just an NT HASH code , all other fields are empty.The strange thing is: calculating the hash code of my vista login password with the MD4 or MD5 algorithm , none of these values matches that of NT HASH.So my question is: what type of information does NT HASH collect about my login password? I thought that NT HASH was the hash code of the password calculated with the MD5 or MD4 algorithm ...can someone give me some advice? |
|
|
|
|
| Posted: Thu Mar 12, 2009 4:58 pm |
|
|
| darcsacka |
| Beginner |
|
|
| Joined: Mar 12, 2009 |
| Posts: 4 |
|
|
|
|
|
|
|
yes nt hash is nt hash and md5 is md5....2 different things...2 different algorythms  |
|
|
|
|
|
|
|
|
| Posted: Thu Mar 12, 2009 5:03 pm |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| pierpox wrote: | | Hi guys, I'd like to ask an information.I tried to extract from my laptop with windows vista the SAM and SYSTEM files and I have loaded them with ophcrack.On the row with my user name there is just an NT HASH code , all other fields are empty.The strange thing is: calculating the hash code of my vista login password with the MD4 or MD5 algorithm , none of these values matches that of NT HASH.So my question is: what type of information does NT HASH collect about my login password? I thought that NT HASH was the hash code of the password calculated with the MD5 or MD4 algorithm ...can someone give me some advice? |
NT hash is basically md4 hash of Unicode password:
http://davenport.sourceforge.net/ntlm.html
| Code: |
Password: SecREt01
The Unicode mixed-case password is "0x53006500630052004500740030003100" in hexadecimal; the MD4 hash of this value is calculated, giving "0xcd06ca7c7e10c99b1d33b7485a2ed808". This is the NTLM hash.
|
So if you have simple password, consisting of lower-ascii characters, then just put binary zero after every char and then take md4 hash |
|
|
|
|
|
|
|
|
| Posted: Thu Mar 12, 2009 5:28 pm |
|
|
| pierpox |
| Regular user |
|
|
| Joined: Mar 12, 2009 |
| Posts: 7 |
|
|
|
|
|
|
|
| waraxe wrote: | | pierpox wrote: | | Hi guys, I'd like to ask an information.I tried to extract from my laptop with windows vista the SAM and SYSTEM files and I have loaded them with ophcrack.On the row with my user name there is just an NT HASH code , all other fields are empty.The strange thing is: calculating the hash code of my vista login password with the MD4 or MD5 algorithm , none of these values matches that of NT HASH.So my question is: what type of information does NT HASH collect about my login password? I thought that NT HASH was the hash code of the password calculated with the MD5 or MD4 algorithm ...can someone give me some advice? |
NT hash is basically md4 hash of Unicode password:
http://davenport.sourceforge.net/ntlm.html
| Code: |
Password: SecREt01
The Unicode mixed-case password is "0x53006500630052004500740030003100" in hexadecimal; the MD4 hash of this value is calculated, giving "0xcd06ca7c7e10c99b1d33b7485a2ed808". This is the NTLM hash.
|
So if you have simple password, consisting of lower-ascii characters, then just put binary zero after every char and then take md4 hash |
thanks for the reply...but using this site http://tools.web-max.ca/encode_decode.php for calculating the md4 hash value of "53006500630052004500740030003100" the result is :"534fa82d2e2feb9904f143b40050b7d3",I don't understand,what is the right value? |
|
|
|
|
|
|
|
|
| Posted: Thu Mar 12, 2009 9:22 pm |
|
|
| darcsacka |
| Beginner |
|
|
| Joined: Mar 12, 2009 |
| Posts: 4 |
|
|
|
|
|
|
|
| well i have the sam and system file. any other methods then bruteforce known for cracking the pass? |
|
|
|
|
|
|
|
|
| Posted: Thu Mar 12, 2009 11:31 pm |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| pierpox wrote: | | waraxe wrote: | | pierpox wrote: | | Hi guys, I'd like to ask an information.I tried to extract from my laptop with windows vista the SAM and SYSTEM files and I have loaded them with ophcrack.On the row with my user name there is just an NT HASH code , all other fields are empty.The strange thing is: calculating the hash code of my vista login password with the MD4 or MD5 algorithm , none of these values matches that of NT HASH.So my question is: what type of information does NT HASH collect about my login password? I thought that NT HASH was the hash code of the password calculated with the MD5 or MD4 algorithm ...can someone give me some advice? |
NT hash is basically md4 hash of Unicode password:
http://davenport.sourceforge.net/ntlm.html
| Code: |
Password: SecREt01
The Unicode mixed-case password is "0x53006500630052004500740030003100" in hexadecimal; the MD4 hash of this value is calculated, giving "0xcd06ca7c7e10c99b1d33b7485a2ed808". This is the NTLM hash.
|
So if you have simple password, consisting of lower-ascii characters, then just put binary zero after every char and then take md4 hash |
thanks for the reply...but using this site http://tools.web-max.ca/encode_decode.php for calculating the md4 hash value of "53006500630052004500740030003100" the result is :"534fa82d2e2feb9904f143b40050b7d3",I don't understand,what is the right value? |
I meant binary zero (0x00, \x00, NUL, %00), not literal zero (0x30, "0",%30). |
|
|
|
|
|
|
|
|
| Posted: Fri Mar 13, 2009 7:05 am |
|
|
| pierpox |
| Regular user |
|
|
| Joined: Mar 12, 2009 |
| Posts: 7 |
|
|
|
|
|
|
|
| waraxe wrote: | | pierpox wrote: | | waraxe wrote: | | pierpox wrote: | | Hi guys, I'd like to ask an information.I tried to extract from my laptop with windows vista the SAM and SYSTEM files and I have loaded them with ophcrack.On the row with my user name there is just an NT HASH code , all other fields are empty.The strange thing is: calculating the hash code of my vista login password with the MD4 or MD5 algorithm , none of these values matches that of NT HASH.So my question is: what type of information does NT HASH collect about my login password? I thought that NT HASH was the hash code of the password calculated with the MD5 or MD4 algorithm ...can someone give me some advice? |
NT hash is basically md4 hash of Unicode password:
http://davenport.sourceforge.net/ntlm.html
| Code: |
Password: SecREt01
The Unicode mixed-case password is "0x53006500630052004500740030003100" in hexadecimal; the MD4 hash of this value is calculated, giving "0xcd06ca7c7e10c99b1d33b7485a2ed808". This is the NTLM hash.
|
So if you have simple password, consisting of lower-ascii characters, then just put binary zero after every char and then take md4 hash |
thanks for the reply...but using this site http://tools.web-max.ca/encode_decode.php for calculating the md4 hash value of "53006500630052004500740030003100" the result is :"534fa82d2e2feb9904f143b40050b7d3",I don't understand,what is the right value? |
I meant binary zero (0x00, \x00, NUL, %00), not literal zero (0x30, "0",%30). |
Hi,I'm sorry if I abuse of your patience,  but can you write the right string on which I have to apply the md4 encoder?Many thanks  |
|
|
|
|
|
|
|
|
| Posted: Fri Mar 13, 2009 7:19 am |
|
|
| mic33 |
| Regular user |
|
|
| Joined: Mar 09, 2009 |
| Posts: 11 |
|
|
|
|
|
|
|
| mic33 wrote: | | waraxe wrote: | | mic33 wrote: | | waraxe wrote: | In case of len(pass)>14 LM hash will be empty (AAD3B435B51404EEAAD3B435B51404EE), but in your case it is not.
Now, if password really is 16 chars long, then chances are slim, that you are able to crack such NT hash. |
Oh... sorry I'm wrong.... Excuse me... I thought lenght pass > 14...
But if you need to decode only LM hash, why is there also NT hash?
Can you help me with LM bruteforce with extended charset, which includes ascii > 127?
Thanks! I appreciate very much! |
Why are LM and NT hashes both needed ...
LM is for backward compatibility and Win2000 and WinXP usually
store both LM and NT hashes for same password. Exceptions:
1. if password len is > 14 chars, then only NT hash is used
2. in Vista LM support is disabled by default
LM hash is case insensitive, so if you got password ADMIN, then
in reality it can be admin, AdMin, admIN, etc
LM hash is based on two separate 7-char long password parts,
so LM cracking is much more easier compared to NT hash.
About cracking with extended charset ...
For example Cain can crack LM hashes and does support
custom charset, so probably it's able to do the work.
But expect very poor performance for such cracking, because
it's directly related to charset size.
Maybe EGB NT hash bruteforce is able to do same work, but
I'd prefer LM cracking, because you have better chances for
success with it. |
Ok! Thanks for explaination....
Please, can you help me with this difficult crack?
thanks in advance!!!! |
Excuse me.... do you need time to decode this difficult hash?
Is it possible?
Can you help me, please?
I wait you... you are fantastic!
Thanks very much!!!!
thanks very much |
|
|
|
|
|
|
|
|
| Posted: Fri Mar 13, 2009 8:13 am |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| pierpox wrote: | | waraxe wrote: | | pierpox wrote: | | waraxe wrote: | | pierpox wrote: | | Hi guys, I'd like to ask an information.I tried to extract from my laptop with windows vista the SAM and SYSTEM files and I have loaded them with ophcrack.On the row with my user name there is just an NT HASH code , all other fields are empty.The strange thing is: calculating the hash code of my vista login password with the MD4 or MD5 algorithm , none of these values matches that of NT HASH.So my question is: what type of information does NT HASH collect about my login password? I thought that NT HASH was the hash code of the password calculated with the MD5 or MD4 algorithm ...can someone give me some advice? |
NT hash is basically md4 hash of Unicode password:
http://davenport.sourceforge.net/ntlm.html
| Code: |
Password: SecREt01
The Unicode mixed-case password is "0x53006500630052004500740030003100" in hexadecimal; the MD4 hash of this value is calculated, giving "0xcd06ca7c7e10c99b1d33b7485a2ed808". This is the NTLM hash.
|
So if you have simple password, consisting of lower-ascii characters, then just put binary zero after every char and then take md4 hash |
thanks for the reply...but using this site http://tools.web-max.ca/encode_decode.php for calculating the md4 hash value of "53006500630052004500740030003100" the result is :"534fa82d2e2feb9904f143b40050b7d3",I don't understand,what is the right value? |
I meant binary zero (0x00, \x00, NUL, %00), not literal zero (0x30, "0",%30). |
Hi,I'm sorry if I abuse of your patience, but can you write the right string on which I have to apply the md4 encoder?Many thanks |
Most online tools do not work properly with strings containing binary zeros, so you need local test.
For example this is NT hash calculation using Linux shell:
| Code: |
$ echo -n test | sed -r 's,(.),\1\x00,g' | openssl md4
|
|
|
|
|
|
|
www.waraxe.us Forum Index -> All other hashes
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 3 of 78
Goto page Previous1, 2, 3, 4 ... 76, 77, 78Next
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
Discussions
Tools
Content
Info
Membership:
Latest: 
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 207
Members: 0
Total: 207
