-
April 25th, 2005, 09:56 PM
#1
Junior Member
DumpCache
Just wondering if anyone has successfully used this tool. I grabbed 4 or 5 hashes off of a machine. I'm trying to import into a pw cracker, but most progs aren't recognizing it. I'm using John on it right now, but its been running for over a week and hasn't turned up anything yet. Just wondering if anyone uses this tool, and has some tips...
-
April 25th, 2005, 10:03 PM
#2
A week and nothing? Must be some heavy duty pw's
"Never give in-never, never, never, in nothing great or small, large or petty, never give in to convictions of honor and good sense. Never yield to force; never yield to the apparently overwhelming might of the enemy!" - Winston Churchill
-
April 25th, 2005, 10:04 PM
#3
I'm not sure I understand the problem. You are asking about the usefulness of DumpCache, but your problem is that John hasn't found anything yet?
So is the question about John or DumpCache?
My suggestion is to make a bogus account or two on your machine with easy to break passwords, and then run whatever set of tools you are using to make sure that they can in fact properly crack them. Maybe you forgot a module for john or something.
Then again, maybe they're just strong passwords.
Why exactly are you doing this and on whose computer anyway?
Government is like fire - a handy servant, but a dangerous master - George Washington
Government is not reason, it is not eloquence - it is force. - George Washington.
Join the UnError community!
-
April 25th, 2005, 10:18 PM
#4
Junior Member
Why exactly are you doing this and on whose computer anyway?
It's work related... (work being the govt.)
The issue I'm having is that most crackers aren't recognizing the format that dumpcache spits out. John seems to be the only one so far. And I'm aware that the stronger the pw is, the longer it will take. I've got a quad-xeon working on it...
Anywho, I like your idea of creating bogus accounts with weak passwords just to test. I think I'll try that now... just to make sure John is actually recognizing the file.
-
April 25th, 2005, 10:22 PM
#5
Have you tried Lopht Cracker?
"Never give in-never, never, never, in nothing great or small, large or petty, never give in to convictions of honor and good sense. Never yield to force; never yield to the apparently overwhelming might of the enemy!" - Winston Churchill
-
April 25th, 2005, 10:25 PM
#6
hrmm...
Seems I recall something like this happening when I used pwdump2 to dump some hashes from a Win 2K server... Cesillia didn't recognize it as a valid hash, nor did another cracker (I can't remember which), but JtR cranked on it... However, I gave up and killed it after a day and a night... However, the hashes were from passwords much longer than 14 characters (around 30 chars or so), which means (if memory serves) that some bug in Win2K prevents them from being stored correctly, and thus, generates "bad" hashes... I'll check back on that w/ an edit in a few...
So, I guess the question is - will JtR crank on bad hashes???
-Wiski
EDIT: bah - seems I'm mistaken... Apparently before SP4, Win2K would truncate passwds down to 14 characters... but the resulting hash was still valid...
http://www.windowsecurity.com/pages/..._p.asp?id=1380
However - I wonder why JtR would recognize these hashes as valid when Cesillia and the other (*still* can't remember which) would not... most mysterious... :???
-
April 25th, 2005, 10:28 PM
#7
Junior Member
Originally posted here by RogueSpy
Have you tried Lopht Cracker?
Yup, that's what I tried first. Then cain, now JtR
-
April 25th, 2005, 10:51 PM
#8
Do you mean Cahedump? I've used it and it work fine if the password is simple enough or you have a lot of time.
-
April 25th, 2005, 11:29 PM
#9
Junior Member
Originally posted here by Irongeek
Do you mean Cahedump? I've used it and it work fine if the password is simple enough or you have a lot of time.
I did mean CacheDump... haha, thanks!
-
April 26th, 2005, 12:13 AM
#10
I have a few tutorials on it. On my site, more than likely the passwords you are trying to bread on rather complex. If you run a bruteforce with Cain it should tell you how long to run though the keyspace, if it's a few thousand years I would just give up.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|