Tools
lm2ntcrack
by Yannick Hamon
Platforms: Perl (any system supporting perl)
Categories: Auditing, Passwords
Version: 0.5a
URL: http://www.xmcopartners.com/lm2ntcrack/lm2ntcrack-current.tgz
This tool provides a simple way to crack Microsoft Windows NT Hash (MD4) when the LM Password is known.

It is entirely written in perl, so its easily ported and installed.

This program must be used with the password cracker "John the Ripper"

http://www.openwall.com/john/

* Example :

[yann@xmcopartners:~/lm2ntcrack]$ time perl lm2ntcrack.pl -v -l="AZERTY123$" -n="81CD1A1C4CBCE05C0F8D411ACEC7587F"

############################################################################

# NT Password cracker from LM password

# Version : 0.5a - Oct 2008

# By Yannick HAMON <yannick.hamon (at) xmcopartners (dot) com [email concealed]>

# Homepage : http://www.xmcopartners.com

############################################################################

[INFO] : "AZERTY123$" has 10 character(s) but contains 4 special(s) char(s) and/or integer(s)

[INFO] : => 64 words will be generated ...... OK !!

[INFO] : Crack NT password from "AZERTY123$" and NT HASH "81CD1A1C4CBCE05C0F8D411ACEC7587F"

[CRACKED] AZERTY123$ => azERTy123$

real 0m0.033s

user 0m0.025s

sys 0m0.007s

* NB :

Recently, after developped this fabulous TOOL, I've found an old post on "openwall mailing-list" :

http://www.openwall.com/lists/john-users/2006/07/08/2

This post explains how to crack NT hash from LM password with john-the-ripper (need to modify john's configuration file to use [List.Rules:NT] section and stop running john on the LM hashes).

john -show pwfile | cut -d: -f2 > cracked

john -w=cracked -rules -format=nt pwfile

john -show -format=nt pwfile

One known problem with this approach is that it'll fail for passwords containing colons (':' is cut delimiter).

This problem does not impact "lm2ntcrack" and you can use "lm2ntcrack" while john is cracking LM hashes.

    Tools
 
Comments Mode:


 

Privacy Statement
Copyright 2010, SecurityFocus