Getting an LM pass crcked is usually pretty easy (just run SAM inside or some other run of the mill pass cracker) the NT pass is always a pain in the McCain.As for its speed, less than 2 seconds is pretty darn good for a brute force attack.I bet the specialization in just NT hashes has something to do with the speed up.
Ive got a 64GB set from the Shmoo group, for all printable characters. Probably could use some performance tweaking, but the longest Ive ever had it run on an LM hash is about 15 minutes, and it returns the NT hash as well. One tool in there, whosthere, will dump LM hashes for any user logged in to a system, including domain logins, provided LM hashes havent been disabled by policy. Lm Hash Nt Hash Decrypt Cracked Just LikeThese domain LM hashes can be cracked just like any other LM hash. Lm Hash Nt Hash Decrypt Code Closely AsHavent looked at the code closely as to whybut the tool returns errnous NT hash given an LM hash. Lm Hash Nt Hash Decrypt Password To SeeThis means that you need actual password to see if the passwords are reused. Password cracking tools like JtR will crack certain passwords in a matter of seconds (dictionary based word with simple letter in the backsomething like Rainbow1)whereas rainbow table based cracking will still take you about 10-15 minutes (depending on your table). So you need to run both to crack the passwords that are easy to crack with JtR, with JtR, then crack the uncracked ones with rainbow tables. The author must not have taken basic CS courses Creating an array full of all the permutation before you do any hash computationcomparison is a huge waste of time and memory (and causes really messy codes). Use DFS on a binary tree, where each branching depends on case (and obviously the char that doesnt need different case, you dont branch). A few simple recursions, fewer lines of code, much faster, and much more elegant.
0 Comments
Leave a Reply. |