How is it possible to tell if the LANman plaintext password security hole has been fixed and also how is it possible to tell what sort of encryption is being used MD4, MD5 when using samdump to get password hashes. Will John the ripper try to crack MD4 system passwords or will it give some sort of error message? also what service pack does MD4 come as standard with because i have been having problems trying to nail a service pack 3 SAM password i have dumped the hashes by a method i am not even going to go into (My good God it took some time) and i know the password is at least 7 letters long anyone any idea how long the cracking of this could take i did some calculations at 1,000,000 try's a second (Jack the Ripper) it could take about 34 days anyone got any real experience of how long this is gunna take?