HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 93 guests and 5 members online
EH-Net News Feeds
Latest Additions
 
Advertisement

You are here: Home arrow Forum arrow Ethical Hacking Discussions and Related Certificationsarrow Network Pen Testingarrow John The Ripper crack upper letter
EH-Net
May 26, 2012, 08:09:50 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Advertise on EH-Net!! - Reasonable Rates, Highly Targeted Audience.
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: John The Ripper crack upper letter  (Read 2773 times)
0 Members and 1 Guest are viewing this topic.
impelse
Sr. Member
****
Offline Offline

Posts: 493


View Profile
« on: December 08, 2011, 11:01:22 PM »
I am doing a lab for CPTE, I got a SAM from my Windows XP vulnerable.

When I run:

john hashes.txt

The tool crack the password but put it all in upper letters when I know that it is not true, I googled and I did not get anything, any idea why?
Logged
CCNA, Security+, 70-290, 70-291
CCNA Security, Working Windows 7 70-680
lorddicranius
Sr. Member
****
Offline Offline

Posts: 396



View Profile WWW
« Reply #1 on: December 08, 2011, 11:22:32 PM »
Read up on LM/NTLM hashing.  Here's one page I found that gives a quick run down near the beginning:

http://insidetrust.blogspot.com/2011/01/password-cracking-using-john-ripper-jtr.html

It also goes into tweaking JTR to crack and show upper-/lowercase.  I haven't tested this on my own, just something I found real quick.  Hope it helps!
Logged
Blog: http://lorddicranius.wordpress.com/
eth3real
Sr. Member
****
Offline Offline

Posts: 295



View Profile WWW
« Reply #2 on: December 09, 2011, 08:06:27 AM »
impelse, LM hashes convert everything to uppercase, meaning that passwords using LM hashes would be case insensitive.

Check out the wiki page for LM Hashes:
http://en.wikipedia.org/wiki/LM_hash

Quote
The LM hash is computed as follows:

   1.  The user’s ASCII password is converted to uppercase.

Another interesting thing to note, is that it separates the password into two 7 character parts, and hashes them separately. Anything more than 14 characters is truncated, and you never have to crack a hash of more than 7 characters. Shocked

NTLM hashes are a bit more complex. Smiley
Logged
Put that in your pipe and grep it!
impelse
Sr. Member
****
Offline Offline

Posts: 493


View Profile
« Reply #3 on: December 09, 2011, 08:59:48 AM »
Oh man, I will need to reveiw very carefully this, I thought I was understanding what I was doing.

This is my problem, when I get some issue, I stayed until I get it and this mean that I never move forward....

I think is good.
Logged
CCNA, Security+, 70-290, 70-291
CCNA Security, Working Windows 7 70-680
impelse
Sr. Member
****
Offline Offline

Posts: 493


View Profile
« Reply #4 on: December 10, 2011, 09:29:23 PM »
Quote from: lorddicranius on December 08, 2011, 11:22:32 PM
Read up on LM/NTLM hashing.  Here's one page I found that gives a quick run down near the beginning:

http://insidetrust.blogspot.com/2011/01/password-cracking-using-john-ripper-jtr.html

It also goes into tweaking JTR to crack and show upper-/lowercase.  I haven't tested this on my own, just something I found real quick.  Hope it helps!

I followed the tutorial of this link and yep, I got it the right way, lower and uppercase, very interesting... Now I will follow the lab with Cain and Abel
Logged
CCNA, Security+, 70-290, 70-291
CCNA Security, Working Windows 7 70-680
lorddicranius
Sr. Member
****
Offline Offline

Posts: 396



View Profile WWW
« Reply #5 on: December 10, 2011, 11:33:52 PM »
Glad it worked for ya!  Thanks for the heads up as well, letting us know it worked.  I'll reference that site again when I jump back into studying password cracking.
Logged
Blog: http://lorddicranius.wordpress.com/
Jamie.R
Hero Member
*****
Offline Offline

Posts: 626



View Profile WWW
« Reply #6 on: December 12, 2011, 06:45:50 AM »
You may want check out http://korelogic.com/
Logged
OSWP | eCPPT | HackingDojo Nidan
www.jamierougive.co.uk
eth3real
Sr. Member
****
Offline Offline

Posts: 295



View Profile WWW
« Reply #7 on: December 12, 2011, 11:04:20 AM »
Yeah, the trick here is to have both the LM hash and the NTLM hash.

Once you crack both 7-character, all uppercase, LM hashes, it will use that to crack the NTLM hash, like a dictionary. It will try every combination of upper and lower to give you the proper password.

Cain & Abel is really easy to do this also, but it's a bit slower than John The Ripper.
Logged
Put that in your pipe and grep it!
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.16 | SMF © 2011, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.071 seconds with 22 queries.
 

gk_static-ad_feb2012.jpg
Global Knowledge: Build Security Skills to Protect & Defend

els_130x200fixed2.gif
eLearnSecurity Student Course Now Live!
5% Off with Code
ELS-EH-5

SANS Deals 4 EH-Netters
$150 OFF Any SANS Course in Any Format!
Coupon Code: EHN_Connect Including SANS Security West 2012 & SANSFIRE 2012
Recent Forum Topics

cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!

Vote For EH-Net

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2012 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.