Tortilla Posted June 16, 2008 Posted June 16, 2008 hi Here are the hashes; Using pipe {C062BC58-DE56-4FEB-B994-E80D2C502959} Key length is 16 Administrator:500:0D22A2EC19E985FECCC146886D951221:E5E261118A9F1D9C322B4A32C3985 220::: ASPNET:1004:FE713FE62DE16111A94A5D370AD2572D:99C502809783256C5FD29FF5D59BF43F::: ASPNET_history_0:1004:8C2C2AB9A5FB1D9F8E9AF5CA36BB6BCA:6D78D80C214AD6C17614D6F91 7C32CFB::: Guest:501:NO PASSWORD*********************:NO PASSWORD*********************::: HelpAssistant:1000:8CFB8EAFF582C095E83158A0A4EE76BC:29C70955FE298C02DC88D66A1FCC 8C7A::: IUSR_UMGG19C-99:1005:D5D52AE76E3A9DB6AA4C2D57DDE6D645:295F65C6D00FC6E309B213E2F5120DE4::: IUSR_UMGG19C-99_history_0:1005:D5D52AE76E3A9DB6AA4C2D57DDE6D645:295F65C6D00FC6E309B213E2F5120 DE4::: IWAM_UMGG19C-99:1006:014BACF2CAC95102920A421C96500485:E1EFF922F5C16238291A9C9761E898DA::: SQLDebugger:1012:NO PASSWORD*********************:958E6D6BD3C79E3DBC406E9527403375::: SUPPORT_388945a0:1002:NO PASSWORD*********************:D7789B96A2FF935ADEE9680C26CA47BD::: Completed. pwdump6 Version 1.7.1 by fizzgig and the mighty group at foofus.net Copyright 2008 foofus.net This program is free software under the GNU General Public License Version 2 (GNU GPL), you can redistribute it and/or modify it under the terms of the GNU GPL, as published by the Free Software Foundation. NO WARRANTY, EXPRESSED OR IMPLIED, IS GRANTED WITH THIS PROGRAM. Please see the COPYING file included with this program and the GNU GPL for further details. The only password I need are the IUSR account, the IWAM account & (of course) the Administrator account. Please tell me what they are, or tell me how I can utilise rainbow tables to decrypt them myself. thanks (in advance) Tortilla Quote
ls Posted June 16, 2008 Posted June 16, 2008 these hashes are from a computer you own right ?? well there is this thing called google and you should be able to find your answer in a matter of seconds Quote
Rab Posted June 16, 2008 Posted June 16, 2008 technolust is one thing, asking us to crack a password for you is a nono Quote
dred Posted June 17, 2008 Posted June 17, 2008 Can't crack this password hash!, Please help me! I don't know how to use rainbow tables! Tutorial Google: How to use rainbow tables Google: How do I stop being so lazy Google: Computer Crime Laws Google: Criminal Justice Attorneys Google: How to survive in Prison Not tryign to be mean or rude just expressing a point Quote
l337virus Posted June 17, 2008 Posted June 17, 2008 one thing is explaining your situation but asking people to do your dirty work is another and if u wore smart enough to watch some of the past seasons of Hak5 it kinda teaches you to crack your own password hashes and also there is another tool called Google and seems like u cant master that witch i pity you Quote
SomeoneE1se Posted June 17, 2008 Posted June 17, 2008 Tutorial ... Google: How to survive in Prison ... now that's funny Quote
geekdba Posted June 17, 2008 Posted June 17, 2008 Watch the old episodes it explains about using them how to generate them etc Quote
Tortilla Posted June 17, 2008 Author Posted June 17, 2008 Which episode should I watch? Link please! Quote
Rampant Posted June 17, 2008 Posted June 17, 2008 Watch all of them maybe you'll learn things like, i dunno, ethics? Quote
tim.vangehugten Posted June 17, 2008 Posted June 17, 2008 Which episode should I watch? Should watch? All of them of course ;) Quote
Rampant Posted June 17, 2008 Posted June 17, 2008 Should watch? All of them of course ;) Is what i say. Quote
VaKo Posted June 17, 2008 Posted June 17, 2008 You should start by reading the documentation and errata for the software/process your having issues with. Googling common terms like rainbow table guide tutorial how-to etc should point you in the right direction. Lastly, you need to experiment with this, play around with it and see what happens. Quote
Tortilla Posted June 18, 2008 Author Posted June 18, 2008 Alright. Um, I have found something that does it (it worked) but it says that I need to pay to view the password Not to worry, it also says that after 72 hours, they'll just give it to me. But for next time, I'd rather use a different method (other than waiting 72 hours or paying). That is, doing it for free (no strings attached). Can someone please recommend me a small program (less than 300MB) that will be able to achieve windows hash decrypting for me? Please reply! Tortilla Quote
moonlit Posted June 18, 2008 Posted June 18, 2008 Can someone please recommend me a small program (less than 300MB) that will be able to achieve windows hash decrypting for me? You're missing the point. Do shit yourself. Quote
Sparda Posted June 18, 2008 Posted June 18, 2008 A little help can go a long way. But who receives this 'long way'? Quote
VaKo Posted June 18, 2008 Posted June 18, 2008 I used to sell Long Ways, not much money in them unless you get the model with the reinbecker flange though. Anyhoo.. The problem is that the way your presenting your question leads the reader to get the impression that you care little for the process of learning how to learn. Even if I was to tell you that all you need to do is generate or download a rainbow table for 15 char passwords using a-z, A-Z, 0-9 and the US standard set of special characters (such as !, %, &, etc), then search that table for the hash that matches your password, there is still a lot of learning that you need to do before the last sentence will seem like a reasonable suggestion. We're not going to be able to point you to a idiot proof program weighing in at less than 300MB that will crack the hashes within 72 hours, because I doubt that one exists (if it does, cool, post a link!). What you will need to do is go through what we have already posted and start doing some research on those topics. The process your trying to use is incredibly simple in both theory and practice but without putting in some research effort you will be stuck where you are. Here is a jump point, read it through. If you don't understand something, google it. Then repeat the process with those search results. http://www.antsight.com/zsl/rainbowcrack/rcracktutorial.htm Quote
amper Posted June 18, 2008 Posted June 18, 2008 i'm sorry but i have to say that this topic was funny to read. Although i would hate to be in the author's position. Quote
Sparda Posted June 18, 2008 Posted June 18, 2008 i'm sorry but i have to say that this topic was funny to read. Although i would hate to be in the author's position. The position of "Do this for me or I'll use phrases that make you look bad for not doing it but actually make me look silly to people who are paying attention (which would be a large demographic for this particular type of forum)."? Quote
geekdba Posted June 18, 2008 Posted June 18, 2008 Once I saw the episode with the rainbow tables, I followed the tutorial mentioned above and also went through generating the tables (3gb), yes I could of downloaded them but I wanted to learn how to do this (the whole process from start to finish), yes it takes time but I felt happier going through the entire process rather than just downloading the generated table then annoying people into what do you use them for now. Once I had them generated I tested using them on my OWN laptop to see how they work now, i was happy how the whole process worked it takes time but it was fairly simple to follow Quote
Sparda Posted June 18, 2008 Posted June 18, 2008 I think it should also be mentioned that there are paid services (not programs directly) that will give you access to ridiculously sized rainbow tables (stored on there SQL server) of not just LANMan hashes but md5 and sha1. These services are usually defeated with use of a simple salt that windows still fails to implement. Quote
Tortilla Posted June 18, 2008 Author Posted June 18, 2008 ^Yes, that's exactly what I'm talking about. I used to sell Long Ways, not much money in them unless you get the model with the reinbecker flange though. Anyhoo.. The problem is that the way your presenting your question leads the reader to get the impression that you care little for the process of learning how to learn. Even if I was to tell you that all you need to do is generate or download a rainbow table for 15 char passwords using a-z, A-Z, 0-9 and the US standard set of special characters (such as !, %, &, etc), then search that table for the hash that matches your password, there is still a lot of learning that you need to do before the last sentence will seem like a reasonable suggestion. We're not going to be able to point you to a idiot proof program weighing in at less than 300MB that will crack the hashes within 72 hours, because I doubt that one exists (if it does, cool, post a link!). What you will need to do is go through what we have already posted and start doing some research on those topics. The process your trying to use is incredibly simple in both theory and practice but without putting in some research effort you will be stuck where you are. Here is a jump point, read it through. If you don't understand something, google it. Then repeat the process with those search results. http://www.antsight.com/zsl/rainbowcrack/rcracktutorial.htm Takes about 10 minutes. The website is; http://www.loginrecovery.com/ Enjoy ;) Tortilla PS: They only give it to you after 72 hours, unless you pay. Quote
Justin Ewing Posted June 19, 2008 Posted June 19, 2008 what about going in this direction... start over and try this Obtain the IUSR account password cscript.exe adsutil.vbs get w3svc/anonymoususerpass Obtain the IWAM account password cscript.exe adsutil.vbs get w3svc/wamuserpass Set the IUSR account password cscript.exe adsutil.vbs set w3svc/anonymoususerpass "password" Set the IWAM account password cscript.exe adsutil.vbs set w3svc/wamuserpass "password" http://support.microsoft.com/default.aspx?...kb;EN-US;297989 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.