June 16th, 2005 11:15 AM
JTR and Cisilia
This post in in context of some great fun tutorials written by IronGeek and Neutron. And I would appreciate if both IronGeek and Neutron could reply to this thread. I was going through IronGeek's tutorial of cracking cached domain/Active directory NTLM hashes (lsass) with a patch applied to JTR. I intend to crack these NTLM hashes by means of a password cracking cluster  (Neutron's tutorial) using clusterKnoppix. But Neutron did it using Cisilia and the patch for cracking NTLM hashes is actually developed for JTR (as mentioned in IronGeek's tutorial). How can I make Cisilia to crack these NTLM hashes in a distributed environment OR how can I compile JTR (with the patch) to work in a distributed environment.
I have googled distributed JTR, but i want to knw that would it be a good option if i compile a distributed JTR (i.e. DJohn with the patch released for cracking NTLM hashes. I hope I am making myself clear enough.
 Irongeek's -- Tutorial:Cracking Cached Domain/Active Directory Passwords on Windows XP/2000/2003
NeuTron's -- How To Make a Password Cracking Cluster
June 16th, 2005 11:45 AM
It looks (from the documentation) like you'd be good to go with this idea. DJohn simple provides a client/server to interact with John the Ripper to allow co-ordination of it over the network. It requires that JtR already be installed on the system and says that it will support any algorithm that JtR supports.
This means that it's going to work like this..
Run client.... client contacts PC running the server
Clients all call the local copy of JtR... If it's a patched copy, it's going to run that algorithm.
You should make a go of it, and if it does work make a tutorial on the subject.
IT Blog: .:Computer Defense:.
(Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".
June 16th, 2005 08:36 PM
HTRegz, I ll surely write a tutorial for this, once I get my hands dirty on this. But still require more feedback from AO.