> I have not seen JtR unpatched[1] come up with 'NT passwords' yet (the > case-sensitive kind), but I use vanilla JtR in conjunction with Cain[2] - > have JtR crack the LanMan hash, spit out all-uppercase password. Personnaly, I use JtR in order to recover the case insensitive passwords from the pwdump output, and I feed these passwords to a little Perl script creating a list of all possibles cases for the passwords. Then, I use this dictionnary in LC3 to get the exact password. Nicob ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Wed Sep 19 2001 - 09:50:41 PDT