DumpCache
Results 1 to 10 of 10

Thread: DumpCache

  1. #1
    Junior Member
    Join Date
    Apr 2005
    Posts
    9

    DumpCache

    Just wondering if anyone has successfully used this tool. I grabbed 4 or 5 hashes off of a machine. I'm trying to import into a pw cracker, but most progs aren't recognizing it. I'm using John on it right now, but its been running for over a week and hasn't turned up anything yet. Just wondering if anyone uses this tool, and has some tips...

  2. #2
    Forgotten Ghost RogueSpy's Avatar
    Join Date
    Aug 2001
    Location
    Cyberspace
    Posts
    783
    A week and nothing? Must be some heavy duty pw's
    "Never give in-never, never, never, in nothing great or small, large or petty, never give in to convictions of honor and good sense. Never yield to force; never yield to the apparently overwhelming might of the enemy!" - Winston Churchill

  3. #3
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130
    I'm not sure I understand the problem. You are asking about the usefulness of DumpCache, but your problem is that John hasn't found anything yet?

    So is the question about John or DumpCache?

    My suggestion is to make a bogus account or two on your machine with easy to break passwords, and then run whatever set of tools you are using to make sure that they can in fact properly crack them. Maybe you forgot a module for john or something.

    Then again, maybe they're just strong passwords.

    Why exactly are you doing this and on whose computer anyway?
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

  4. #4
    Junior Member
    Join Date
    Apr 2005
    Posts
    9
    Why exactly are you doing this and on whose computer anyway?
    It's work related... (work being the govt.)



    The issue I'm having is that most crackers aren't recognizing the format that dumpcache spits out. John seems to be the only one so far. And I'm aware that the stronger the pw is, the longer it will take. I've got a quad-xeon working on it...

    Anywho, I like your idea of creating bogus accounts with weak passwords just to test. I think I'll try that now... just to make sure John is actually recognizing the file.

  5. #5
    Forgotten Ghost RogueSpy's Avatar
    Join Date
    Aug 2001
    Location
    Cyberspace
    Posts
    783
    Have you tried Lopht Cracker?
    "Never give in-never, never, never, in nothing great or small, large or petty, never give in to convictions of honor and good sense. Never yield to force; never yield to the apparently overwhelming might of the enemy!" - Winston Churchill

  6. #6
    Senior Member wiskic10_4's Avatar
    Join Date
    Jan 2004
    Location
    Corpus Christi, TX
    Posts
    254
    hrmm...

    Seems I recall something like this happening when I used pwdump2 to dump some hashes from a Win 2K server... Cesillia didn't recognize it as a valid hash, nor did another cracker (I can't remember which), but JtR cranked on it... However, I gave up and killed it after a day and a night... However, the hashes were from passwords much longer than 14 characters (around 30 chars or so), which means (if memory serves) that some bug in Win2K prevents them from being stored correctly, and thus, generates "bad" hashes... I'll check back on that w/ an edit in a few...

    So, I guess the question is - will JtR crank on bad hashes???

    -Wiski

    EDIT: bah - seems I'm mistaken... Apparently before SP4, Win2K would truncate passwds down to 14 characters... but the resulting hash was still valid...
    http://www.windowsecurity.com/pages/..._p.asp?id=1380
    However - I wonder why JtR would recognize these hashes as valid when Cesillia and the other (*still* can't remember which) would not... most mysterious... :???

    My Corner of the Intarwebz: Jeremy Dean Online

  7. #7
    Junior Member
    Join Date
    Apr 2005
    Posts
    9
    Originally posted here by RogueSpy
    Have you tried Lopht Cracker?
    Yup, that's what I tried first. Then cain, now JtR

  8. #8
    King Tutorial-ankhamun
    Join Date
    Jul 2004
    Posts
    897
    Do you mean Cahedump? I've used it and it work fine if the password is simple enough or you have a lot of time.

  9. #9
    Junior Member
    Join Date
    Apr 2005
    Posts
    9
    Originally posted here by Irongeek
    Do you mean Cahedump? I've used it and it work fine if the password is simple enough or you have a lot of time.
    I did mean CacheDump... haha, thanks!

  10. #10
    King Tutorial-ankhamun
    Join Date
    Jul 2004
    Posts
    897
    I have a few tutorials on it. On my site, more than likely the passwords you are trying to bread on rather complex. If you run a bruteforce with Cain it should tell you how long to run though the keyspace, if it's a few thousand years I would just give up.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •