Penetration Testing: RE: Using schmoo rainbow tables with rcrack

["Victor Chapela" <victor () sm4rt com>]

Hi,

The problem you have is based on the fact that you are trying to break 2 Lan
Manager hashes, not one. Remember that Lan Manager splits passwords into two
independent hashes and then sticks them together. You can do two things: use
the pwdump format in which as an extra bonus rcrack will break the lowercase
letters by bruteforcing the NTLM hash (only after it breaks both hashes) or
you can use the hash list (-l) or individual hashes (-h) by separating your
hashes into two separate ones. For example, the hash for the word "password"
would be E52CAC67419A9A224A3B108F3FA6CB6D where E52CAC67419A9A22 would be
broken into "passwor" and 4A3B108F3FA6CB6D into "d".

You can use "rcrack alpha/*rt -h E52CAC67419A9A22" to break the first half.

Good luck,
Victor

> -----Original Message-----
> From: Per Øyvind Thorsheim [mailto:putilutt () online no] 
> Sent: March 31, 2006 9:35 AM
> To: 'Ghirai'; pen-test () securityfocus com
> Subject: SV: Using schmoo rainbow tables with rcrack
>
> I've got the same problem with all the shmoo charsets (yes, 
> i've downloaded them all), and i have also tested them with 
> Cain & Abel (www.oxid.it), also there without success.
>
> Any clues would be much appreciated.
>
> Regards,
> Per
>
> > -----Opprinnelig melding-----
> > Fra: Ghirai [mailto:ghirai () ghirai com]
> > Sendt: 31. mars 2006 11:49
> > Til: pen-test () securityfocus com
> > Emne: Using schmoo rainbow tables with rcrack
> >
> > Hello,
> >
> > I downloaded the schmoo rainbow tables, and wanted to perform a few 
> > tests on my local machine, but rcrack gives me an error 
> when i try the 
> > alpha charset:
> >
> > D:\Rainbow Tables\LM\lm_alpha>rcrack.exe *.rt -h 
> > xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> > lm_alpha#1-7_0_2100x8000000_all.rt:
> > this table contains hashes with length 8 only
> >
> > lm_alpha#1-7_1_2100x8000000_all.rt:
> > this table contains hashes with length 8 only
> >
> > lm_alpha#1-7_2_2100x8000000_all.rt:
> > this table contains hashes with length 8 only
> >
> > lm_alpha#1-7_3_2100x8000000_all.rt:
> > this table contains hashes with length 8 only
> >
> > lm_alpha#1-7_4_2100x8000000_all.rt:
> > this table contains hashes with length 8 only
> >
> > Anyone used the schmoo RTs, and know how to use them properly?
> >
> > Thanks.
> >
> > --
> > Best regards,
> > Ghirai.
> >
> >
> > --------------------------------------------------------------
> > ----------------
> > This List Sponsored by: Cenzic
> >
> > Concerned about Web Application Security? 
> > As attacks through web applications continue to rise, you need to 
> > proactively protect your applications from hackers. Cenzic has the 
> > most comprehensive solutions to meet your application security 
> > penetration testing and vulnerability management needs. You have an 
> > option to go with a managed service (Cenzic ClickToSecure) or an 
> > enterprise software (Cenzic Hailstorm).
> > Download FREE whitepaper on how a managed service can help you: 
> > http://www.cenzic.com/forms/ec.php?pubid=10025
> > And, now for a limited time we can do a FREE audit for you 
> to confirm 
> > your results from other product. Contact us at request () cenzic com
> > --------------------------------------------------------------
> > ----------------
>
> --------------------------------------------------------------
> ----------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security? 
> As attacks through web applications continue to rise, you 
> need to proactively protect your applications from hackers. 
> Cenzic has the most comprehensive solutions to meet your 
> application security penetration testing and vulnerability 
> management needs. You have an option to go with a managed 
> service (Cenzic ClickToSecure) or an enterprise software 
> (Cenzic Hailstorm). 
> Download FREE whitepaper on how a managed service can help you: 
> http://www.cenzic.com/forms/ec.php?pubid=10025
> And, now for a limited time we can do a FREE audit for you to 
> confirm your results from other product. Contact us at 
> request () cenzic com
> --------------------------------------------------------------
> ----------------

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
As attacks through web applications continue to rise, you need to proactively
protect your applications from hackers. Cenzic has the most comprehensive
solutions to meet your application security penetration testing and
vulnerability management needs. You have an option to go with a managed
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
Download FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com
------------------------------------------------------------------------------