Jump to content

Can't crack this password hash!


Tortilla

Recommended Posts

hi

Here are the hashes;

Using pipe {C062BC58-DE56-4FEB-B994-E80D2C502959}

Key length is 16

Administrator:500:0D22A2EC19E985FECCC146886D951221:E5E261118A9F1D9C322B4A32C3985

220:::

ASPNET:1004:FE713FE62DE16111A94A5D370AD2572D:99C502809783256C5FD29FF5D59BF43F:::

ASPNET_history_0:1004:8C2C2AB9A5FB1D9F8E9AF5CA36BB6BCA:6D78D80C214AD6C17614D6F91

7C32CFB:::

Guest:501:NO PASSWORD*********************:NO PASSWORD*********************:::

HelpAssistant:1000:8CFB8EAFF582C095E83158A0A4EE76BC:29C70955FE298C02DC88D66A1FCC

8C7A:::

IUSR_UMGG19C-99:1005:D5D52AE76E3A9DB6AA4C2D57DDE6D645:295F65C6D00FC6E309B213E2F5120DE4:::

IUSR_UMGG19C-99_history_0:1005:D5D52AE76E3A9DB6AA4C2D57DDE6D645:295F65C6D00FC6E309B213E2F5120

DE4:::

IWAM_UMGG19C-99:1006:014BACF2CAC95102920A421C96500485:E1EFF922F5C16238291A9C9761E898DA:::

SQLDebugger:1012:NO PASSWORD*********************:958E6D6BD3C79E3DBC406E9527403375:::

SUPPORT_388945a0:1002:NO PASSWORD*********************:D7789B96A2FF935ADEE9680C26CA47BD:::

Completed.

pwdump6 Version 1.7.1 by fizzgig and the mighty group at foofus.net

Copyright 2008 foofus.net

This program is free software under the GNU

General Public License Version 2 (GNU GPL), you can redistribute it and/or

modify it under the terms of the GNU GPL, as published by the Free Software

Foundation. NO WARRANTY, EXPRESSED OR IMPLIED, IS GRANTED WITH THIS

PROGRAM. Please see the COPYING file included with this program

and the GNU GPL for further details.

The only password I need are the IUSR account, the IWAM account & (of course) the Administrator account.

Please tell me what they are, or tell me how I can utilise rainbow tables to decrypt them myself.

thanks (in advance)

Tortilla

Link to comment
Share on other sites

Can't crack this password hash!, Please help me! I don't know how to use rainbow tables!

Tutorial

Google: How to use rainbow tables

Google: How do I stop being so lazy

Google: Computer Crime Laws

Google: Criminal Justice Attorneys

Google: How to survive in Prison

Not tryign to be mean or rude just expressing a point

Link to comment
Share on other sites

one thing is explaining your situation but asking people to do your dirty work is another and if u wore smart enough to watch some of the past seasons of Hak5 it kinda teaches you to crack your own password hashes

and also there is another tool called Google and seems like u cant master that witch i pity you

Link to comment
Share on other sites

Watch all of them maybe you'll learn things like, i dunno, ethics?

Link to comment
Share on other sites

Should watch? All of them of course ;)

Is what i say.

Link to comment
Share on other sites

You should start by reading the documentation and errata for the software/process your having issues with. Googling common terms like rainbow table guide tutorial how-to etc should point you in the right direction. Lastly, you need to experiment with this, play around with it and see what happens.

Link to comment
Share on other sites

Alright.

Um, I have found something that does it (it worked) but it says that I need to pay to view the password :angry:

Not to worry, it also says that after 72 hours, they'll just give it to me.

But for next time, I'd rather use a different method (other than waiting 72 hours or paying).

That is, doing it for free (no strings attached).

Can someone please recommend me a small program (less than 300MB) that will be able to achieve windows hash decrypting for me?

Please reply!

Tortilla

Link to comment
Share on other sites

I used to sell Long Ways, not much money in them unless you get the model with the reinbecker flange though.

Anyhoo..

The problem is that the way your presenting your question leads the reader to get the impression that you care little for the process of learning how to learn. Even if I was to tell you that all you need to do is generate or download a rainbow table for 15 char passwords using a-z, A-Z, 0-9 and the US standard set of special characters (such as !, %, &, etc), then search that table for the hash that matches your password, there is still a lot of learning that you need to do before the last sentence will seem like a reasonable suggestion.

We're not going to be able to point you to a idiot proof program weighing in at less than 300MB that will crack the hashes within 72 hours, because I doubt that one exists (if it does, cool, post a link!). What you will need to do is go through what we have already posted and start doing some research on those topics. The process your trying to use is incredibly simple in both theory and practice but without putting in some research effort you will be stuck where you are.

Here is a jump point, read it through. If you don't understand something, google it. Then repeat the process with those search results.

http://www.antsight.com/zsl/rainbowcrack/rcracktutorial.htm

Link to comment
Share on other sites

i'm sorry but i have to say that this topic was funny to read. Although i would hate to be in the author's position.

The position of "Do this for me or I'll use phrases that make you look bad for not doing it but actually make me look silly to people who are paying attention (which would be a large demographic for this particular type of forum)."?

Link to comment
Share on other sites

Once I saw the episode with the rainbow tables, I followed the tutorial mentioned above and also went through generating the tables (3gb), yes I could of downloaded them but I wanted to learn how to do this (the whole process from start to finish), yes it takes time but I felt happier going through the entire process rather than just downloading the generated table then annoying people into what do you use them for now.

Once I had them generated I tested using them on my OWN laptop to see how they work now, i was happy how the whole process worked it takes time but it was fairly simple to follow

Link to comment
Share on other sites

I think it should also be mentioned that there are paid services (not programs directly) that will give you access to ridiculously sized rainbow tables (stored on there SQL server) of not just LANMan hashes but md5 and sha1.

These services are usually defeated with use of a simple salt that windows still fails to implement.

Link to comment
Share on other sites

^Yes, that's exactly what I'm talking about.

I used to sell Long Ways, not much money in them unless you get the model with the reinbecker flange though.

Anyhoo..

The problem is that the way your presenting your question leads the reader to get the impression that you care little for the process of learning how to learn. Even if I was to tell you that all you need to do is generate or download a rainbow table for 15 char passwords using a-z, A-Z, 0-9 and the US standard set of special characters (such as !, %, &, etc), then search that table for the hash that matches your password, there is still a lot of learning that you need to do before the last sentence will seem like a reasonable suggestion.

We're not going to be able to point you to a idiot proof program weighing in at less than 300MB that will crack the hashes within 72 hours, because I doubt that one exists (if it does, cool, post a link!). What you will need to do is go through what we have already posted and start doing some research on those topics. The process your trying to use is incredibly simple in both theory and practice but without putting in some research effort you will be stuck where you are.

Here is a jump point, read it through. If you don't understand something, google it. Then repeat the process with those search results.

http://www.antsight.com/zsl/rainbowcrack/rcracktutorial.htm

Takes about 10 minutes. The website is;

http://www.loginrecovery.com/

Enjoy ;)

Tortilla

PS: They only give it to you after 72 hours, unless you pay.

Link to comment
Share on other sites

what about going in this direction... start over and try this

Obtain the IUSR account password

cscript.exe adsutil.vbs get w3svc/anonymoususerpass

Obtain the IWAM account password

cscript.exe adsutil.vbs get w3svc/wamuserpass

Set the IUSR account password

cscript.exe adsutil.vbs set w3svc/anonymoususerpass "password"

Set the IWAM account password

cscript.exe adsutil.vbs set w3svc/wamuserpass "password"

http://support.microsoft.com/default.aspx?...kb;EN-US;297989

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...