Jump to content

Hash (MD5? LM? NT?)


Recommended Posts

Posted

Hi I used the ophcrack live CD to crack my computer but I can't crack the password, on the NT Hash space, on the administrator appear 4dc86cf2ebcac3d5dafe2e3e15561c16.

Anyone can teach me how do I crack this pass? Tnx a lot

Posted

If its a live CD then you won't have a very large rainbow table on it.

Given that its your first post and you really don't seem to know what your doing I'll explain.

The rainbow table is a table which matches password to its hash. The crack the password, it takes the hash and checks it against all of its hashes, if a match is found then you get the password.

Problem is there are loads of pairs, which take up quite a bit of room. Which means a CD will only hold a limited number (in fact a DVD doesn't do much more). We are talking in the >100GBs of tables here.

So the first thing you need to do is see what rainbow table you have. A good table will say what it includes, such as upper/lower case, numbers and special characters, plus the number of characters used. If you haven't been able to crack the hash then it isn't in that subset you have got.

To almost guarantee cracking, you'll need the biggest rainbow table you can get your hands on, and run Ophcrack against it, or your favorite cracking software.

Posted
If its a live CD then you won't have a very large rainbow table on it.

Given that its your first post and you really don't seem to know what your doing I'll explain.

The rainbow table is a table which matches password to its hash. The crack the password, it takes the hash and checks it against all of its hashes, if a match is found then you get the password.

Problem is there are loads of pairs, which take up quite a bit of room. Which means a CD will only hold a limited number (in fact a DVD doesn't do much more). We are talking in the >100GBs of tables here.

So the first thing you need to do is see what rainbow table you have. A good table will say what it includes, such as upper/lower case, numbers and special characters, plus the number of characters used. If you haven't been able to crack the hash then it isn't in that subset you have got.

To almost guarantee cracking, you'll need the biggest rainbow table you can get your hands on, and run Ophcrack against it, or your favorite cracking software.

But I have to use a table for NT right?

Posted

How did you get the hash? I'm guessing pwdump? When you load up ophcrack and import the dump file and/or hash it should tell you if its an NTLM or LM hash (hopefully its an LM hash, they're weaker).

You can also try submitting the hash to a place like www.plain-text.info to see if it's already been cracked by them.

btw, MD5 and NTLM hashes are the same thing: http://en.wikipedia.org/wiki/NTLM

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...