Need help with Brute Force cracking.

[nihil]

well... i couldnt make L0pht go faster... fastest it goes = used no more than 50% of cpu power always. i did set it on lower priority so it wouldnt lag my comp when i was on it. 3.9ghz p4 and 2gb ram.

When you crack passwords you use a 100% dedicated machine set to prioritise programs, rather than services. You do not run other applications at the same time.

it seemed to come out as MD5 .

It didn't

i dont know if SP2 automatically uses it.

It doesn't

where do i search the registry for that option 0 - 1 for LM - MD5?

You don't. You might try a search engine such as Google to find out why, or just go to post #11 in this thread and follow the link I gave you there.

[e><ius]

When you crack passwords you use a 100% dedicated machine set to prioritise programs, rather than services. You do not run other applications at the same time.

in XP, where can i change the settings to force/allow 100% cpu power for the program (and not services)? would i go as follows, "Task Manager >> Processes >> Right-click program >> set "Realtime" processing" ?

and i remember reading about that registry option... just didnt know which stack of papers was it in. thx for redirecting

[nihil]

Hah! so you now know that with a Windoze password it will be LM or NT?

MD5,4,3,2 (don't remember if there was a 1.........it would have been before my time) relate to encryption algorithms, but not those used on your native Windoze password.

Hmmm, a bit difficult right now as my XP box is offline for refurbishment, but you go into <Settings> and then <Control Panel> and look at whatever it offers for memory management............... I think that you might have to go to "advanced" (settings) to do that? You have an option to select services or applications priority.

Just go into task manager and shut down applications you are not using......use the system tray to do this first. if the memory is available and the CPU power is there, then Billy Windoze will generally do it reasonably right. Also make sure that it is not connected to the internet, so you can turn off AV and firewalls.

The registry option I pointed you to (from the opposite direction as I recall) will stop the use of the (weak) LM hash. As I said, Billy Windoze will only use LM or NT hashes.

By "100% dedicated" I mean that it is the only application that you are running; not that it is using 100% CPU........

From the time it took your kit, I would suspect that it might have defaulted to an NT hash?............please try to get hold of an older device for experimentation.............I never feel comfortable with students using production boxes for this kind of stuff.

[metguru]

Windows still defaults to LM hashes for backwards compatability.

Hmm, thats odd. I thought this myself, but now i'm confused (sorry to get a little off subject, but its somewhat relevant, cause you need to know what type of hash your cracking).
Anyway, I have used cain to retrieve password hashes from my computer, and it used to give me an LM and NTLM hash, but I recently tried to get the LM to show someone else how Cain works, and it only gave me the NTLM hash, and my password is only 6 characters long. Could this be a recent windows update, as I'm the only person who uses my computer? Or has something else changed the registry setting?

[nihil]

Hi metguru,

This is how to check your Registry setting:

http://geeksaresexy.blogspot.com/200...m-hash-of.html

Do you actually have a DWORD entry "NoLMHash"? if not, then Windows should use its defaults, I would have thought?

I don't think that it is a Windows update as this is what Microsoft have to say:

http://support.microsoft.com/kb/299656

That article was last reviewed 31 January 2007. I would have thought that if there had been a patch since then, that changed the default, MS would have announced it, as there must be a lot of outfits around the World that still support legacy systems on networks. I don't think that MS would want all the helpdesk calls?

[metguru]

thats odd, nolmhash has a value of 0. oh well..

[nihil]

Hmmmmm, no ideas mate...............I can only go by what MS tell us

Have you tried creating a new account and see what it does with that?

[not_it]

Why would you enable dictionary crack options at all? Just curious because it seems like it's a completely random string. Also, have you tried ophcrack live cd?

[e><ius]

not it

it was just a test earlier... then i turned it off because i knew i'd be wasting my precious computer time.