please help me



~~smart~fool~~
10-30-2006, 05:54 PM
ok there's a password for the account on my computer.
I've used many programs to try to do all sorts of things to get it but they don't work
can someone help me find it...that is find, not remove or change
these are the password hashes:
LM : E*A4C*6F64B540B8C6EBE8776A*5*FEB
NTLM : *62E82*BE**2225FEDF856E*8E*C65FE

~~smart~fool~~
11-01-2006, 03:25 PM
any programs to suggest?

Moonbat
11-01-2006, 05:24 PM
It looks like an MD hash, most likely MD5.

If you like GUI programs, you can get Cain and Abel. It has an easy interface, and offers the use of dictionary attacks and brute forcing.

If you're comfortable with DOS programs, use John the Ripper. It is very good, in my opinion better-working than Cain, although I hate the DOS interface.

I would recommend Cain in this case, because if it's a password to an account, it's most likely something dictionaryable, like a word, maybe with numbers. JTR works fine too, but there won't be much difference. IMO, JTR is just as good as Cain in dictionary attack, but faster at brute-forcing.

Ezekiel
11-01-2006, 06:07 PM
It looks like an MD hash, most likely MD5.


There's really no way to tell what a hash like that is by looking at it - it's just a random hexadecimal string.

But they're LM (LanManager) and NTLM hashes, like it says next to them. LM and NTLM are the form Windows login passwords are stored in.

Just download cain and abel - it even allows you to import the hashes from the local system then crack them with either dictionary or brute force.

~~smart~fool~~
11-01-2006, 07:31 PM
i have done that and done every combination of brute force and dictionary that i can but it either takes a long time or doesn't work...could get it in 2* years with a full brute attack but i don't have that kind of time

maybe it's hidden somehow

Moonbat
11-01-2006, 09:45 PM
2* years?!?
I quote wikipedia..


Although it is based on DES, a reasonably secure block cipher, the LM hash can easily be cracked due to two weaknesses in its implementation. First, passwords longer than 7 characters are divided into two pieces and each piece is hashed separately. Second, all lower case letters in the password are changed to upper case before the password is hashed. The first weakness allows each half of the password to be attacked separately. While there are 2^84 different passwords made of up to *4 mixed case letters and digits, there would be only 2^42 different *-7 character password pieces using the same character set. Restricting the character set to upper case letters and digits further reduces the number of possibilities for each half to 2*6. By mounting a brute force attack on each half separately, modern desktop machines can crack alphanumeric LM hashes in hours.

This means that either the password is <= 7 characters/digits, or you're missing the other half. Assuming the first one is true, your time should be cut down a lot. As said, a password with letters only will take a few hours. Numbers and other symbols should substantially increase the time, but not up to 2* years.

Wikipedia also talked about a program named Ophcrack


Ophcrack is an Open Source (GPL License) program that cracks Windows LM hashes using rainbow tables. It can crack **.*% of alphanumeric passwords of up to *4 characters in usually a few seconds, and at most a few minutes. There is also a LiveCD version which automates the retrieval, decryption, and cracking of passwords from a Windows system.

Starting with version 2.*, Ophcrack also cracks NT hashes.
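
The LM weaknesses quoted above, turned into an audit check (an added example, not part of the original thread): it classifies the LM field of pwdump-style lines so an administrator can see which accounts still store an LM hash, and computes the keyspace sizes the quote compares. The sample lines and function names are constructed for illustration; the only real constant is the well-known LM hash of an empty 7-character half.

```python
import math

# Well-known LM hash of an empty 7-character half.
EMPTY_HALF = "aad3b435b51404ee"

def lm_exposure(lm_hex):
    """Classify one 32-hex-character LM hash field."""
    h = lm_hex.strip().lower()
    if len(h) != 32 or any(c not in "0123456789abcdef" for c in h):
        return "malformed"
    first, second = h[:16], h[16:]
    if first == EMPTY_HALF and second == EMPTY_HALF:
        return "no-lm-hash"       # blank password or LM storage disabled
    if second == EMPTY_HALF:
        return "lm-stored-short"  # password fits in one 7-character half
    return "lm-stored-split"      # two halves, each hashed on its own

def keyspace_bits(alphabet_size, max_len):
    """log2 of the count of strings of length 1..max_len."""
    total = sum(alphabet_size ** n for n in range(1, max_len + 1))
    return math.log2(total)

def audit(pwdump_lines):
    """Map user -> finding for lines shaped user:rid:lm:nt:::"""
    findings = {}
    for line in pwdump_lines:
        parts = line.strip().split(":")
        if len(parts) >= 4:
            findings[parts[0]] = lm_exposure(parts[2])
    return findings

# Constructed sample export; the hash values are made up, not real hashes.
NT = "0" * 32
SAMPLE = [
    f"alice:1001:{EMPTY_HALF}{EMPTY_HALF}:{NT}:::",
    f"bob:1002:{'1' * 16}{EMPTY_HALF}:{NT}:::",
    f"carol:1003:{'2' * 16}{'3' * 16}:{NT}:::",
]

if __name__ == "__main__":
    for user, finding in audit(SAMPLE).items():
        print(f"{user:6} {finding}")
    # Full 14-char mixed-case space vs. one 7-char half vs. one uppercased half
    for size, length in ((62, 14), (62, 7), (36, 7)):
        print(f"{size}^1..{length}: about 2^{keyspace_bits(size, length):.1f}")
```

Any account reported as `lm-stored-short` or `lm-stored-split` should have LM hash storage disabled (the NoLMHash policy) and its password changed, since the stored LM hash remains until the next password change.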

Ezekiel
11-02-2006, 12:13 PM
2* years?!?
I quote wikipedia..
Wikipedia also talked about a program named Ophcrack

In your quoted text about Ophcrack, it says it needs rainbow tables. They are huge precomputed tables of all the hashes for different plaintext strings, and usually are 50gb-200gb to download.

I suggest you use a website like www.rainbowtables.com or www.milw0rm.com/cracker/ to crack the hash using a rainbow table.

~~smart~fool~~
11-03-2006, 04:28 PM
lol yeah

about the years thing that's just what the time approx was for all ascii chars and like *6 char long

thanks for the program ref