Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

#16 Unicode correction does not end

open
James Nobis
None
5
2011-05-27
2010-01-05
Anonymous
No

I am using rcracki_mt 0.6.3 on Debian Linux. I am using the lm_all-space#1-7_0_10000x67108864 tables from the freerainbowtables mirror. When cracking this hash:

PC$:100:09E93060322B43C26A05E3B3B28E740A:7D50B639908CCDDAC3BDA8AD9826E510:[W ]:LCT-00000000:

the Unicode correction never stops, and seems to go beyond the number of characters in the password. Also the Mhashes/s value is observed to go negative sometimes. The correction has to be skipped manually for rcracki_mt to continue. See attached debug log.

Discussion

  • James Nobis
    James Nobis
    2011-05-27

    It has been a while since rcracki_mt_0.6.3. I'm at 60min+ and haven't reached the ntlm hash yet but will let it run till completion or failure and update with further notes.

    The output for Mhashes/s doesn't appear to go negative for me on x86_64 Debian GNU/Linux. The factorial function was incorrect both in operation and that it returned a signed int which was too small for say factorial(14). This part has been addressed so you get proper output where it says N.N% of combination N/N. In this example because the LM is a full 14 characters:
    Trying full unicode map for 0/14 characters...
    combination N/1
    Trying full unicode map for 1/14 characters...
    combination N/14
    Trying full unicode map for 2/14 characters...
    combination N/91
    Trying full unicode map for 3/14 characters...
    combination N/364
    Trying full unicode map for 4/14 characters...
    combination N/1001
    Trying full unicode map for 5/14 characters...
    combination N/2002
    Trying full unicode map for 6/14 characters...
    combination N/3003
    Trying full unicode map for 7/14 characters...
    combination N/3432
    Trying full unicode map for 8/14 characters...
    combination N/3003
    Trying full unicode map for 9/14 characters...
    combination N/2002
    Trying full unicode map for 10/14 characters...
    combination N/1001
    Trying full unicode map for 11/14 characters...
    combination N/364
    Trying full unicode map for 12/14 characters...
    combination N/91
    Trying full unicode map for 13/14 characters...
    combination N/14
    Trying full unicode map for 14/14 characters...
    combination N/1

    Additionally, the time was stored using clock() which for longer runs of correction would be either completely incorrect or negative and has been moved to gettimeofday.

     
  • James Nobis
    James Nobis
    2011-05-27

    • assigned_to: nobody --> quelrod