#11 pwdump and cain LM and NTLM results

closed
None
5
2011-05-28
2009-10-08
Mr Wolf
No

I'm using rcracki_mt with lm_all-space Rainbow tables:
if I submit a hash with the option -h, it only finds the LM password, while, if I submit a Fgdump file, it finds and it displays the NTLM password, but, if I use the -o option to write the password to a file, it only writes the LM password

Discussion

  • James Nobis

    James Nobis - 2009-10-08

    cain test

     
  • James Nobis

    James Nobis - 2009-10-08

    pwdump test

     
  • James Nobis

    James Nobis - 2009-10-08
    • assigned_to: nobody --> neinbrucke
     
  • James Nobis

    James Nobis - 2009-10-08

    Confirmed on 32bit linux with the cain (-c) and pwdump (-f) options.

    pwdump

    rcracki_mt/rcracki_mt -f pwdump_lm_ntlm.test -2 /mnt/rainbow_tables/freerainbowtables/lm/lm_all-space#1-7_? -o results.txt

    screen output:
    <snip>
    plaintext of b75e0c8d76954a50 is 23
    <snip>
    plaintext of f5f4a866f8138daf is A123*A1
    <snip>
    result
    -------------------------------------------------------
    SyXV a123*a123 hex:613132332a61313233

    results.txt
    b75e0c8d76954a50:23:3233
    f5f4a866f8138daf:A123*A1:413132332a4131

    -------------------------------------------------------------------------------------------------------------------
    Cain
    rcracki_mt/rcracki_mt -c cain_lm_ntlm.test -2 /mnt/rainbow_tables/freerainbowtables/lm/lm_all-space#1-7_? -o results.txt

    screen output:
    <snip>
    plaintext of b75e0c8d76954a50 is 23
    <snip>
    plaintext of f5f4a866f8138daf is A123*A1
    <snip>
    result
    -------------------------------------------------------
    SyXV a123*a123 hex:613132332a61313233

    results.txt:
    b75e0c8d76954a50:23:3233
    f5f4a866f8138daf:A123*A1:413132332a4131

     
  • James Nobis

    James Nobis - 2009-10-08
    • summary: LM hash problem --> pwdump and cain LM and NTLM results
     
  • James Nobis

    James Nobis - 2009-10-08

    Reporter of the bug is running windows.

     
  • Mr Wolf

    Mr Wolf - 2009-10-08

    I'm using Windows XP Professional 32 bit

     
  • Daniël Niggebrugge

    tnx for pointing out this bug, fixed in next release!

     
  • Mr Wolf

    Mr Wolf - 2009-10-09

    No, thanks to you!
    Can you post it here, so I can receive an e-mail when an answer is posterd here?

     
  • James Nobis

    James Nobis - 2011-05-27

    neinbrucke fixed the condition where case correction fails and it has to use unicode correction. In that case it does write the output to the file after his fix and that has been in several releases already. However, for the simple case correction condition this had not been resolved. It is now resolved for -f and -c. The correct version will be available for download as rcracki_mt_0.6.6_beta4 within the next 24hours. I'll post here with the link when that happens.

     
  • James Nobis

    James Nobis - 2011-05-27
    • assigned_to: neinbrucke --> quelrod
     
  • James Nobis

    James Nobis - 2011-05-28

    fixed version pushed to the download page (http://www.freerainbowtables.com/download/) and is rcracki_mt_0.6.6_beta4.

     
  • James Nobis

    James Nobis - 2011-05-28
    • status: open --> closed
     

Log in to post a comment.