setzer1411 Posted March 27, 2008 Share Posted March 27, 2008 I recently installed Gonzors 2.0 switchblade, which has the option to dump the windows cache Example: *******:********************************:***:***.**.**.*** Username, hash and domain removed by request of British Petroleum This is what is returned, I am new to playing with hashes and I am completely lost as to how this can be converted back to the original password. If anyone will please enlighten me, I would greatly appreciate it. Google suggested ophcrack, if this will work where do I get the tables it requires? Thank you again. I think this is MD5 format, can someone confirm this and maybe explain what it means? Il be googleing until I see a reply, thank you. Quote Link to comment Share on other sites More sharing options...
Joerg Posted March 27, 2008 Share Posted March 27, 2008 Search for "rainbow tables" and "rainbowcrack". I also suggest reading hyyp://www.securiteam.com/tools/5JP0I2KFPA.html Quote Link to comment Share on other sites More sharing options...
kz26 Posted March 28, 2008 Share Posted March 28, 2008 These are username-salted MSCASH hashes, thus rainbow tables won't work. You will need something like John The Ripper (with the MSCASH patch), cachebf, or Cain and Abel to perform a dictionary and/or brute force attack. Quote Link to comment Share on other sites More sharing options...
setzer1411 Posted March 28, 2008 Author Share Posted March 28, 2008 do tell my friend im in the dark Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.