Monday 10 January 2011

Password cracking: Using John The Ripper (JTR) to detect password case (LM to NTLM)

When password-cracking Windows passwords (for password audits or penetration testing) if LM hashing is not disabled, two hashes are stored in the SAM database.

The first is the LM hash (relatively easy to crack because of design flaws, but often stored for backwards-compatibility)

The second is the NTLM hash which can be more difficult to crack (when used with strong passwords).

LM hashes store passwords all uppercase, and split into 2 blocks of 7 bytes (which is part of the reason why they are so weak).

This makes LM hashes easy to crack (complete rainbow tables of all possible hashes can be easily obtained for super-fast cracking).

However, cracking the LM hash does not tell you the full story about the password, i.e. you won't know the case of the alphabetic characters in the password. The passwords could be all uppercase, all lowercase, or a mixture and finding the case of the passwords can be important.

Here I will show how to crack the LM hashes and use these to find the exact password from the NTLM hashes.

Please remember to use these techniques only for legitimate educational and testing purposes and not maliciously.


The hashes

For these tests, I first set up a test Windows XP machine and added six users with various passwords, some of which you may think would be strong, but they are not strong enough!

I extract the passwords from the SAM using fgdump.exe, and get the following:

bert:1011:5DF12C9F2162249EAAD3B435B51404EE:099C037B843FDCA6489B03635E87EA76:::
erik:1008:4E1FB9BDD16A8F51AAD3B435B51404EE:FDC342B83B8A552C742B013E8A1BCA99:::
ernie:1012:1B638DBD583CF83D64BBD09A598E07AD:01C4EA2C58B2A0326D5EDF613E60DCED:::
jack:1015:F41D0D9F9038C51884672E50BA7FB014:14EAE3724A706F637FFC150A085F6EB3:::
phil:1009:208752DBBBEC625EAAD3B435B51404EE:9762FAD5394D489BFD7F662E9BC13655:::
sam:1010:FA1961430A96F9BEAAD3B435B51404EE:53F0FAE7D53BBE6C90F843ECEB71DCA0:::


So in the following example this is the LM hash, and this is the NTLM hash.

bert:1011:5DF12C9F2162249EAAD3B435B51404EE:099C037B843FDCA6489B03635E87EA76:::

I have put these hashes in a file called crackmemixed.txt on a Backtrack 4 system in /pentest/passwords/jtr.


Cracking the LM hashes


We will be using John The Ripper, so first type

john

To crack the LM hashes it is always worth trying a dictionary attack first, as this is very fast, so I will use the following command:

./john --wordlist=/pentest/passwords/wordlists/bt4-password.txt crackmemixed.txt
Loaded 12 password hashes with no different salts (LM DES [128/128 BS SSE2])
HAPPY            (erik)
OW               (ernie:2)
SHOWMEN          (ernie:1)
GRRRRRE          (jack:1)
WIBBLE           (sam)
guesses: 5  time: 0:00:00:00 100.00% (ETA: Mon Jan 10 10:13:33 2011)  c/s: 26204K  trying: ZZAJ - {LOG}


This used over three million passwords, took less than a second and cracked some of the hashes. (For LM hashes, the passwords longer than 7 characters are crack in two 7 byte pieces)

There are a few more hashes to crack so we will let JTR do a brute-force attack on the rest:

./john --format=lm crackmemixed.txt
Loaded 3 password hashes with no different salts (LM DES [128/128 BS SSE2])
AT!              (jack:2)
FLUFF34          (phil)
4REF5            (bert)
guesses: 3  time: 0:00:00:18 (3)  c/s: 19370K  trying: 4RIIN - 4RO5A


So we are all done with the LM hashes in under 20 seconds (which is pretty good). For stronger passwords, if this method was taking longer than a few minutes, I would probably would move to LM hash rainbow tables next, which would speed things up a lot.


Check our LM hash-cracked passwords


To display what we have so for we can do

./john -show crackmemixed.txt
 
bert:4REF5:1011:::
erik:HAPPY:1008:::
ernie:SHOWMENOW:1012:::
jack:GRRRRREAT!:1015:::
phil:FLUFF34:1009:::
sam:WIBBLE:1010:::

8 password hashes cracked, 0 left


... but as you can see, this is all all displayed in uppercase, as we can't tell the case of the passwords from cracking the LM hashes.


Preparing for cracking the NTLM hashes

We are going to change the rules that JTR uses, so will will make two backups of the rules file:

cp john.conf john.conf.old
cp john.conf john.conf.ntlm

Then edit the rules file, as follows:

  • In john.conf.ntlm
    • Replace "List.Rules:Wordlist" with "List.Rules:Disabled" to disable the normal ruleset
    • Then replace "List.Rules:NT" with "List.Rules:Wordlist" to enable our specialised attack


Our NTLM hashes

To show the NTLM hashes we are trying to crack use:

./john --show=LEFT --format=NT crackmemixed.txt

sam:$NT$53f0fae7d53bbe6c90f843eceb71dca0
phil:$NT$9762fad5394d489bfd7f662e9bc13655
jack:$NT$14eae3724a706f637ffc150a085f6eb3
ernie:$NT$01c4ea2c58b2a0326d5edf613e60dced
erik:$NT$fdc342b83b8a552c742b013e8a1bca99
bert:$NT$099c037b843fdca6489b03635e87ea76



Cracking our NTML hashes

First we need to create a dictionary file which will contain just the passwords we have already obtained from LM hash-cracking, with the following command:

./john --show --format=LM crackmemixed.txt | grep -v "password hashes" | cut -d":" -f2 | sort -u > lmcracked.txt


So we now have a list of just the passwords in uppercase in lmcracked.txt. Let's put our special password rules in place:

cp john.conf.ntlm john.conf

Now we can using our specific password dictionary and rules to crack the NTLM password hashes as follows:

./john -rules --wordlist=lmcracked.txt --format=nt crackmemixed.txt
 
Loaded 6 password hashes with no different salts (NT MD4 [128/128 SSE2 + 32/32])
4Ref5            (bert)
HaPpY            (erik)
fluff34          (phil)
wibble           (sam)
GRRRRReat!       (jack)
ShowMeNow        (ernie)
guesses: 6  time: 0:00:00:00 100.00% (ETA: Mon Jan 10 11:24:44 2011)  c/s: 44800  trying: GrrrRREAt! - sHOWMEnow


This took less than a second, and we have cracked the case sensitive NTLM hashes from the case insensitive LM hash-cracked passwords.


Returning JTR rules back to normal

After you are done, don't forget to put the rules back how they were:

cp john.conf.old john.conf



Mitigation

End to end, this exercise could have been done in under a minute. This just goes to show how weak passwords can be, and how easily they can be cracked with the right tools, network access and knowhow.
  • Disable LM hashes
  • Implement a strong password policy
  • Check this is enforced and working correctly with regular audits

34 comments:

  1. Replies
    1. Hey Guys !

      USA Fresh & Verified SSN Leads with DL Number AVAILABLE with 99.9% connectivity
      All Leads have genuine & valid information

      **HEADERS IN LEADS**
      First Name | Last Name | SSN | Dob | DL Number | Address | City | State | Zip | Phone Number | Account Number | Bank Name | Employee Details | IP Address

      *Price for SSN lead $2
      *You can ask for sample before any deal
      *If anyone buy in bulk, we can negotiate
      *Sampling is just for serious buyers

      ==>ACTIVE, FRESH CC & CVV FULLZ AVAILABLE<==
      ->$5 PER EACH

      ->Hope for the long term deal
      ->Interested buyers will be welcome

      **Contact 24/7**
      Whatsapp > +923172721122
      Email > leads.sellers1212@gmail.com
      Telegram > @leadsupplier
      ICQ > 752822040

      Delete
    2. Insidetrust.Com: Password Cracking: Using John The Ripper (Jtr) To Detect Password Case (Lm To Ntlm) >>>>> Download Now

      >>>>> Download Full

      Insidetrust.Com: Password Cracking: Using John The Ripper (Jtr) To Detect Password Case (Lm To Ntlm) >>>>> Download LINK

      >>>>> Download Now

      Insidetrust.Com: Password Cracking: Using John The Ripper (Jtr) To Detect Password Case (Lm To Ntlm) >>>>> Download Full

      >>>>> Download LINK 6l

      Delete
    3. Insidetrust.Com: Password Cracking: Using John The Ripper (Jtr) To Detect Password Case (Lm To Ntlm) >>>>> Download Now

      >>>>> Download Full

      Insidetrust.Com: Password Cracking: Using John The Ripper (Jtr) To Detect Password Case (Lm To Ntlm) >>>>> Download LINK

      >>>>> Download Now

      Insidetrust.Com: Password Cracking: Using John The Ripper (Jtr) To Detect Password Case (Lm To Ntlm) >>>>> Download Full

      >>>>> Download LINK V8

      Delete
  2. can u tell me how can i break a rar file passward.

    ReplyDelete
  3. Unfortunately John's default case-toggling rules only go up to 11 chars, and LM goes up to 14 chars. If you have 12-14 char plaintexts from LM, you'll need to add additional case-toggling rules:
    -c TDQT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6]T[z7]T[z8]T[z9]T[zA]T[zB]T[zC]
    -c TDQT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6]T[z7]T[z8]T[z9]T[zA]T[zB]T[zC]T[zD]
    -c TDQT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6]T[z7]T[z8]T[z9]T[zA]T[zB]T[zC]T[zD]T[zE]
    -c TDQT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6]T[z7]T[z8]T[z9]T[zA]T[zB]T[zC]T[zD]T[zE]T[zF]

    ReplyDelete
  4. Thanks epixoip,
    Very interesting!
    Ben

    ReplyDelete
  5. SHANTANU DUTTA,

    Thanks for the suggestion, I may do a blog about that at some point.

    ReplyDelete
  6. im in the same boat as shantanu dutta...

    ReplyDelete
  7. "Unknown ciphertext format name requested" :(

    ReplyDelete
  8. Can you tell me how to recover this password:
    7C7BECE22B6AC8E11D71A58EB137820E

    ReplyDelete
  9. Nice post pal.

    The best way I have found yet to decrypt my hash is online via http://recovermypass.com . It is the best from my experience.

    It found 6 more passwords that I was unable to crack.

    ReplyDelete
  10. You can do it without edit john.conf.

    ./john -format=LM /tmp/pwd
    ./john -format=LM /tmp/pwd -show | cut -d: -f2 | sed 'N;$!P;$!D;$d' > /tmp/worldlist
    ./john -format=NT /tmp/pwd -w=/tmp/worldlist -rules:NT

    --

    Cauan G.

    ReplyDelete
  11. less than a second my hairy ass.

    ReplyDelete
  12. root@box:/home/user/wifu# john -i lm.txt
    Loaded 2 password hashes with no different salts (LM DES [64/64 BS MMX])
    guesses: 0 time: 0:00:00:32 c/s: 10528K trying: RYTECA3 - RYTECL2
    guesses: 0 time: 0:00:00:34 c/s: 10631K trying: ABDTO6 - ABDD5P
    guesses: 0 time: 0:00:05:57 c/s: 11511K trying: GEOPMS4 - GEOPTC*
    guesses: 0 time: 0:00:06:09 c/s: 11550K trying: FEFP08P - FEFP05B
    guesses: 0 time: 0:00:06:13 c/s: 11587K trying: S97RMC - S97RNT
    guesses: 0 time: 0:00:20:00 c/s: 9508K trying: WOYV8OA - WOYV8I1
    guesses: 0 time: 0:00:20:42 c/s: 9504K trying: BOVHLU2 - BOVHLDI
    guesses: 0 time: 0:01:30:59 c/s: 11116K trying: F3SDLNN - F3SDY1N
    guesses: 0 time: 0:01:48:22 c/s: 11177K trying: 5AY6USP - 5AY6UAA
    guesses: 0 time: 0:01:48:39 c/s: 11184K trying: 9PP908K - 9PP907K
    guesses: 0 time: 0:01:50:56 c/s: 11161K trying: D_B1VKA - D_B1VM*
    guesses: 0 time: 0:05:06:59 c/s: 13416K trying: 12D4FNM - 12D4F85
    guesses: 0 time: 0:05:08:07 c/s: 13425K trying: ES2-OM0 - ES2-OS_
    guesses: 0 time: 0:05:10:04 c/s: 13418K trying: ZMZ-HHS - ZMZ-H !
    guesses: 0 time: 0:05:15:18 c/s: 13373K trying: KRENXQO - KRESTJN
    guesses: 0 time: 0:05:16:24 c/s: 13361K trying: EJJ87 X - EJJ85ZO

    less than a second, yeah right buddy

    ReplyDelete
    Replies
    1. Your doing it wrong, you need to start with a good wordlist

      Delete
    2. Start here https://wiki.skullsecurity.org/Passwords

      Delete
    3. help me plz to crach one hash i cant do it plz

      Delete
  13. It looks liek you need to delete your John.pot file and start again. Usually when it says guesses:0 thats what fixes it.

    ReplyDelete
  14. Please frnds help me
    I have a LM:NTLM hash ACB8B68AD81BAE2FB85EBEA904A749B9:6F12FC6A112C805AD52801F38A6A9EE9
    In fact I know password consist of 11 chars out of which last 5 characters are #2345
    and remaining characters are from [a-z] or [A-Z].
    I dont know about rules.
    I want exact rules for that.

    ReplyDelete
    Replies
    1. The last characters are $2345, not #2345

      Delete
    2. The last characters are $12345, not $2345

      Delete
  15. Initially it did not work for me, but after tweaking the last command of yours just worked perfectly. I executed john --rules=nt --wordlist=lmcracked.txt --format=nt crackmemixed.txt

    Thanks for this :)

    ReplyDelete
  16. Are you in need of a loan? Do you want to pay off your bills? Do you want to be financially stable? All you have to do is to contact us for more information on how to get started and get the loan you desire. This offer is open to all that will be able to repay back in due time. Note-that repayment time frame is negotiable and at interest rate of 3% just email us {urgentloan22@gmail.com}

    ReplyDelete
  17. Is this still relevant? Having trouble with step cp john.conf john.conf.old
    cp john.conf john.conf.ntlm

    also with grep not showing up as a valid cmd

    ReplyDelete
  18. updated* is there a way to mimic these on windows?

    ReplyDelete
  19. " you could try using http://www.hashcat.online for your password recovery, Its free for 1 hour
    and helped me get my password"

    ReplyDelete

  20. Available Services

    ..paypal money adder

    ..bitcoin miner ultimate

    ..hack bank account

    ..payza money adder

    ..jtr password cracker

    ..neteller money adder

    ..payoneer money adder

    ..Wire Bank Transfer all over the world

    ..Western Union Transfer all over the world

    ..Credit Cards (USA, UK, AUS, CAN, NZ)

    ..School Grade upgrade / remove Records

    ..Spamming Tool

    ..keyloggers / rats

    ..Social Media recovery

    .. Teaching Hacking / spamming / carding (1/2 hours course)

    discount for re-seller

    Contact: 24/7
    putro9111@gmail.com

    ReplyDelete
  21. Hey Guys !

    USA Fresh & Verified SSN Leads with DL Number AVAILABLE with 99.9% connectivity
    All Leads have genuine & valid information

    **HEADERS IN LEADS**
    First Name | Last Name | SSN | Dob | DL Number | Address | City | State | Zip | Phone Number | Account Number | Bank Name | Employee Details | IP Address

    *Price for SSN lead $2
    *You can ask for sample before any deal
    *If anyone buy in bulk, we can negotiate
    *Sampling is just for serious buyers

    ==>ACTIVE, FRESH CC & CVV FULLZ AVAILABLE<==
    ->$5 PER EACH

    ->Hope for the long term deal
    ->Interested buyers will be welcome

    **Contact 24/7**
    Whatsapp > +923172721122
    Email > leads.sellers1212@gmail.com
    Telegram > @leadsupplier
    ICQ > 752822040

    ReplyDelete
  22. Thanks for the superb tutorial
    Download John Android
    https://bit.ly/2GwPaAX

    ReplyDelete
  23. SAM Broadcaster Pro CrackI am very impressed with your post because this post is very beneficial for me and provide a new knowledge to me

    ReplyDelete
  24. Insidetrust.Com: Password Cracking: Using John The Ripper (Jtr) To Detect Password Case (Lm To Ntlm) >>>>> Download Now

    >>>>> Download Full

    Insidetrust.Com: Password Cracking: Using John The Ripper (Jtr) To Detect Password Case (Lm To Ntlm) >>>>> Download LINK

    >>>>> Download Now

    Insidetrust.Com: Password Cracking: Using John The Ripper (Jtr) To Detect Password Case (Lm To Ntlm) >>>>> Download Full

    >>>>> Download LINK

    ReplyDelete