Waraxe IT Security Portal
Login or Register
November 23, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 73
Members: 0
Total: 73
Full disclosure
APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1
Local Privilege Escalations in needrestart
APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2
APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1
APPLE-SA-11-19-2024-2 visionOS 2.1.1
APPLE-SA-11-19-2024-1 Safari 18.1.1
Reflected XSS - fronsetiav1.1
XXE OOB - fronsetiav1.1
St. Poelten UAS | Path Traversal in Korenix JetPort 5601
St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro
Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionO S/watchOS)
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> All other hashes -> LM and NTLM Hash decryption Goto page Previous1, 2, 3, 4 ... 76, 77, 78Next
Post new topicReply to topic View previous topic :: View next topic
PostPosted: Wed Mar 11, 2009 9:11 am Reply with quote
mic33
Regular user
Regular user
Joined: Mar 09, 2009
Posts: 11




waraxe wrote:
mic33 wrote:
Thanks for your help and your time!
language is Italian.... I think there aren't "weird" characters (like ÖÄÜÕöäüõ), but there are special characters i.e: $, &, £, etc
Can you help me please?
You are my last hope!!!!!
I appreciate very much!!!!
Thanks you!!!


I tried and with no luck ...
Only option seems to be LM bruteforce with extended charset, which includes ascii > 127.


Thanks!
I'm a beginner, but I want ask you a question:
Yesterday I read on internet LM hash contains until 14 characters, but I'm sure my password is longer, I think it contains 16 characters... so I ask you... maybe your attack with rainbow tables might be against NT hash?
I think there aren't "weird" characters...
Excuse me for the question....
Thanks for help!!!
View user's profile Send private message
PostPosted: Wed Mar 11, 2009 9:32 am Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




In case of len(pass)>14 LM hash will be empty (AAD3B435B51404EEAAD3B435B51404EE), but in your case it is not.
Now, if password really is 16 chars long, then chances are slim, that you are able to crack such NT hash.
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Wed Mar 11, 2009 10:08 am Reply with quote
mic33
Regular user
Regular user
Joined: Mar 09, 2009
Posts: 11




waraxe wrote:
In case of len(pass)>14 LM hash will be empty (AAD3B435B51404EEAAD3B435B51404EE), but in your case it is not.
Now, if password really is 16 chars long, then chances are slim, that you are able to crack such NT hash.



Oh... sorry I'm wrong.... Excuse me... I thought lenght pass > 14...
But if you need to decode only LM hash, why is there also NT hash?
Can you help me with LM bruteforce with extended charset, which includes ascii > 127?
Thanks! I appreciate very much!
View user's profile Send private message
PostPosted: Wed Mar 11, 2009 2:45 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




mic33 wrote:
waraxe wrote:
In case of len(pass)>14 LM hash will be empty (AAD3B435B51404EEAAD3B435B51404EE), but in your case it is not.
Now, if password really is 16 chars long, then chances are slim, that you are able to crack such NT hash.



Oh... sorry I'm wrong.... Excuse me... I thought lenght pass > 14...
But if you need to decode only LM hash, why is there also NT hash?
Can you help me with LM bruteforce with extended charset, which includes ascii > 127?
Thanks! I appreciate very much!


Why are LM and NT hashes both needed ...
LM is for backward compatibility and Win2000 and WinXP usually
store both LM and NT hashes for same password. Exceptions:

1. if password len is > 14 chars, then only NT hash is used
2. in Vista LM support is disabled by default

LM hash is case insensitive, so if you got password ADMIN, then
in reality it can be admin, AdMin, admIN, etc
LM hash is based on two separate 7-char long password parts,
so LM cracking is much more easier compared to NT hash.

About cracking with extended charset ...
For example Cain can crack LM hashes and does support
custom charset, so probably it's able to do the work.
But expect very poor performance for such cracking, because
it's directly related to charset size.
Maybe EGB NT hash bruteforce is able to do same work, but
I'd prefer LM cracking, because you have better chances for
success with it.
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Thu Mar 12, 2009 7:08 am Reply with quote
mic33
Regular user
Regular user
Joined: Mar 09, 2009
Posts: 11




waraxe wrote:
mic33 wrote:
waraxe wrote:
In case of len(pass)>14 LM hash will be empty (AAD3B435B51404EEAAD3B435B51404EE), but in your case it is not.
Now, if password really is 16 chars long, then chances are slim, that you are able to crack such NT hash.



Oh... sorry I'm wrong.... Excuse me... I thought lenght pass > 14...
But if you need to decode only LM hash, why is there also NT hash?
Can you help me with LM bruteforce with extended charset, which includes ascii > 127?
Thanks! I appreciate very much!


Why are LM and NT hashes both needed ...
LM is for backward compatibility and Win2000 and WinXP usually
store both LM and NT hashes for same password. Exceptions:

1. if password len is > 14 chars, then only NT hash is used
2. in Vista LM support is disabled by default

LM hash is case insensitive, so if you got password ADMIN, then
in reality it can be admin, AdMin, admIN, etc
LM hash is based on two separate 7-char long password parts,
so LM cracking is much more easier compared to NT hash.

About cracking with extended charset ...
For example Cain can crack LM hashes and does support
custom charset, so probably it's able to do the work.
But expect very poor performance for such cracking, because
it's directly related to charset size.
Maybe EGB NT hash bruteforce is able to do same work, but
I'd prefer LM cracking, because you have better chances for
success with it.


Ok! Thanks for explaination....
Please, can you help me with this difficult crack?
thanks in advance!!!!
View user's profile Send private message
PostPosted: Thu Mar 12, 2009 8:57 am Reply with quote
darcsacka
Beginner
Beginner
Joined: Mar 12, 2009
Posts: 4




ok i have these 2 nt hashes:

59f4f2bb98b1d46e5b1cc69e53dd0d98
59f4f2bb98b1d46e5b1cc69e53ddod98

i need the passes.....from there
any1 with an ideea?..... hashes created with ophcrack from a vista buisniss

thank u in advance
View user's profile Send private message
PostPosted: Thu Mar 12, 2009 3:41 pm Reply with quote
pierpox
Regular user
Regular user
Joined: Mar 12, 2009
Posts: 7




Hi guys, I'd like to ask an information.I tried to extract from my laptop with windows vista the SAM and SYSTEM files and I have loaded them with ophcrack.On the row with my user name there is just an NT HASH code , all other fields are empty.The strange thing is: calculating the hash code of my vista login password with the MD4 or MD5 algorithm , none of these values matches that of NT HASH.So my question is: what type of information does NT HASH collect about my login password? I thought that NT HASH was the hash code of the password calculated with the MD5 or MD4 algorithm ...can someone give me some advice?
View user's profile Send private message
PostPosted: Thu Mar 12, 2009 4:58 pm Reply with quote
darcsacka
Beginner
Beginner
Joined: Mar 12, 2009
Posts: 4




yes nt hash is nt hash and md5 is md5....2 different things...2 different algorythms Smile
View user's profile Send private message
PostPosted: Thu Mar 12, 2009 5:03 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




pierpox wrote:
Hi guys, I'd like to ask an information.I tried to extract from my laptop with windows vista the SAM and SYSTEM files and I have loaded them with ophcrack.On the row with my user name there is just an NT HASH code , all other fields are empty.The strange thing is: calculating the hash code of my vista login password with the MD4 or MD5 algorithm , none of these values matches that of NT HASH.So my question is: what type of information does NT HASH collect about my login password? I thought that NT HASH was the hash code of the password calculated with the MD5 or MD4 algorithm ...can someone give me some advice?


NT hash is basically md4 hash of Unicode password:

http://davenport.sourceforge.net/ntlm.html

Code:

Password: SecREt01

The Unicode mixed-case password is "0x53006500630052004500740030003100" in hexadecimal; the MD4 hash of this value is calculated, giving "0xcd06ca7c7e10c99b1d33b7485a2ed808". This is the NTLM hash.


So if you have simple password, consisting of lower-ascii characters, then just put binary zero after every char and then take md4 hash Smile
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Thu Mar 12, 2009 5:28 pm Reply with quote
pierpox
Regular user
Regular user
Joined: Mar 12, 2009
Posts: 7




waraxe wrote:
pierpox wrote:
Hi guys, I'd like to ask an information.I tried to extract from my laptop with windows vista the SAM and SYSTEM files and I have loaded them with ophcrack.On the row with my user name there is just an NT HASH code , all other fields are empty.The strange thing is: calculating the hash code of my vista login password with the MD4 or MD5 algorithm , none of these values matches that of NT HASH.So my question is: what type of information does NT HASH collect about my login password? I thought that NT HASH was the hash code of the password calculated with the MD5 or MD4 algorithm ...can someone give me some advice?


NT hash is basically md4 hash of Unicode password:

http://davenport.sourceforge.net/ntlm.html




Code:

Password: SecREt01

The Unicode mixed-case password is "0x53006500630052004500740030003100" in hexadecimal; the MD4 hash of this value is calculated, giving "0xcd06ca7c7e10c99b1d33b7485a2ed808". This is the NTLM hash.


So if you have simple password, consisting of lower-ascii characters, then just put binary zero after every char and then take md4 hash Smile


thanks for the reply...but using this site http://tools.web-max.ca/encode_decode.php for calculating the md4 hash value of "53006500630052004500740030003100" the result is :"534fa82d2e2feb9904f143b40050b7d3",I don't understand,what is the right value?
View user's profile Send private message
PostPosted: Thu Mar 12, 2009 9:22 pm Reply with quote
darcsacka
Beginner
Beginner
Joined: Mar 12, 2009
Posts: 4




well i have the sam and system file. any other methods then bruteforce known for cracking the pass?
View user's profile Send private message
PostPosted: Thu Mar 12, 2009 11:31 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




pierpox wrote:
waraxe wrote:
pierpox wrote:
Hi guys, I'd like to ask an information.I tried to extract from my laptop with windows vista the SAM and SYSTEM files and I have loaded them with ophcrack.On the row with my user name there is just an NT HASH code , all other fields are empty.The strange thing is: calculating the hash code of my vista login password with the MD4 or MD5 algorithm , none of these values matches that of NT HASH.So my question is: what type of information does NT HASH collect about my login password? I thought that NT HASH was the hash code of the password calculated with the MD5 or MD4 algorithm ...can someone give me some advice?


NT hash is basically md4 hash of Unicode password:

http://davenport.sourceforge.net/ntlm.html




Code:

Password: SecREt01

The Unicode mixed-case password is "0x53006500630052004500740030003100" in hexadecimal; the MD4 hash of this value is calculated, giving "0xcd06ca7c7e10c99b1d33b7485a2ed808". This is the NTLM hash.


So if you have simple password, consisting of lower-ascii characters, then just put binary zero after every char and then take md4 hash Smile


thanks for the reply...but using this site http://tools.web-max.ca/encode_decode.php for calculating the md4 hash value of "53006500630052004500740030003100" the result is :"534fa82d2e2feb9904f143b40050b7d3",I don't understand,what is the right value?


I meant binary zero (0x00, \x00, NUL, %00), not literal zero (0x30, "0",%30).
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Fri Mar 13, 2009 7:05 am Reply with quote
pierpox
Regular user
Regular user
Joined: Mar 12, 2009
Posts: 7




waraxe wrote:
pierpox wrote:
waraxe wrote:
pierpox wrote:
Hi guys, I'd like to ask an information.I tried to extract from my laptop with windows vista the SAM and SYSTEM files and I have loaded them with ophcrack.On the row with my user name there is just an NT HASH code , all other fields are empty.The strange thing is: calculating the hash code of my vista login password with the MD4 or MD5 algorithm , none of these values matches that of NT HASH.So my question is: what type of information does NT HASH collect about my login password? I thought that NT HASH was the hash code of the password calculated with the MD5 or MD4 algorithm ...can someone give me some advice?


NT hash is basically md4 hash of Unicode password:

http://davenport.sourceforge.net/ntlm.html




Code:

Password: SecREt01

The Unicode mixed-case password is "0x53006500630052004500740030003100" in hexadecimal; the MD4 hash of this value is calculated, giving "0xcd06ca7c7e10c99b1d33b7485a2ed808". This is the NTLM hash.


So if you have simple password, consisting of lower-ascii characters, then just put binary zero after every char and then take md4 hash Smile


thanks for the reply...but using this site http://tools.web-max.ca/encode_decode.php for calculating the md4 hash value of "53006500630052004500740030003100" the result is :"534fa82d2e2feb9904f143b40050b7d3",I don't understand,what is the right value?


I meant binary zero (0x00, \x00, NUL, %00), not literal zero (0x30, "0",%30).


Hi,I'm sorry if I abuse of your patience, Embarassed but can you write the right string on which I have to apply the md4 encoder?Many thanks Very Happy
View user's profile Send private message
PostPosted: Fri Mar 13, 2009 7:19 am Reply with quote
mic33
Regular user
Regular user
Joined: Mar 09, 2009
Posts: 11




mic33 wrote:
waraxe wrote:
mic33 wrote:
waraxe wrote:
In case of len(pass)>14 LM hash will be empty (AAD3B435B51404EEAAD3B435B51404EE), but in your case it is not.
Now, if password really is 16 chars long, then chances are slim, that you are able to crack such NT hash.



Oh... sorry I'm wrong.... Excuse me... I thought lenght pass > 14...
But if you need to decode only LM hash, why is there also NT hash?
Can you help me with LM bruteforce with extended charset, which includes ascii > 127?
Thanks! I appreciate very much!


Why are LM and NT hashes both needed ...
LM is for backward compatibility and Win2000 and WinXP usually
store both LM and NT hashes for same password. Exceptions:

1. if password len is > 14 chars, then only NT hash is used
2. in Vista LM support is disabled by default

LM hash is case insensitive, so if you got password ADMIN, then
in reality it can be admin, AdMin, admIN, etc
LM hash is based on two separate 7-char long password parts,
so LM cracking is much more easier compared to NT hash.

About cracking with extended charset ...
For example Cain can crack LM hashes and does support
custom charset, so probably it's able to do the work.
But expect very poor performance for such cracking, because
it's directly related to charset size.
Maybe EGB NT hash bruteforce is able to do same work, but
I'd prefer LM cracking, because you have better chances for
success with it.


Ok! Thanks for explaination....
Please, can you help me with this difficult crack?
thanks in advance!!!!




Excuse me.... do you need time to decode this difficult hash?
Is it possible?
Can you help me, please?
I wait you... you are fantastic!
Thanks very much!!!!
thanks very much
View user's profile Send private message
PostPosted: Fri Mar 13, 2009 8:13 am Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




pierpox wrote:
waraxe wrote:
pierpox wrote:
waraxe wrote:
pierpox wrote:
Hi guys, I'd like to ask an information.I tried to extract from my laptop with windows vista the SAM and SYSTEM files and I have loaded them with ophcrack.On the row with my user name there is just an NT HASH code , all other fields are empty.The strange thing is: calculating the hash code of my vista login password with the MD4 or MD5 algorithm , none of these values matches that of NT HASH.So my question is: what type of information does NT HASH collect about my login password? I thought that NT HASH was the hash code of the password calculated with the MD5 or MD4 algorithm ...can someone give me some advice?


NT hash is basically md4 hash of Unicode password:

http://davenport.sourceforge.net/ntlm.html




Code:

Password: SecREt01

The Unicode mixed-case password is "0x53006500630052004500740030003100" in hexadecimal; the MD4 hash of this value is calculated, giving "0xcd06ca7c7e10c99b1d33b7485a2ed808". This is the NTLM hash.


So if you have simple password, consisting of lower-ascii characters, then just put binary zero after every char and then take md4 hash Smile


thanks for the reply...but using this site http://tools.web-max.ca/encode_decode.php for calculating the md4 hash value of "53006500630052004500740030003100" the result is :"534fa82d2e2feb9904f143b40050b7d3",I don't understand,what is the right value?


I meant binary zero (0x00, \x00, NUL, %00), not literal zero (0x30, "0",%30).


Hi,I'm sorry if I abuse of your patience, Embarassed but can you write the right string on which I have to apply the md4 encoder?Many thanks Very Happy


Most online tools do not work properly with strings containing binary zeros, so you need local test.
For example this is NT hash calculation using Linux shell:

Code:

$ echo -n test | sed -r 's,(.),\1\x00,g' | openssl md4
View user's profile Send private message Send e-mail Visit poster's website
LM and NTLM Hash decryption
www.waraxe.us Forum Index -> All other hashes
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 3 of 78
Goto page Previous1, 2, 3, 4 ... 76, 77, 78Next
Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.053 Seconds