Comments on: Cracking HALFLM http://blog.c22.cc/2009/06/02/cracking-halflm/ Because we're damned if we do, and we're damned if we don't! Thu, 02 Feb 2012 12:54:16 +0000 hourly 1 http://wordpress.com/ By: Teriyakiboy http://blog.c22.cc/2009/06/02/cracking-halflm/comment-page-1/#comment-242 Wed, 01 Jul 2009 17:11:11 +0000 http://c22blog.wordpress.com/?p=522#comment-242 Thanks ChrisJohnRiley. Your answer was really helpful.
Thanks a lot :-)

]]> By: ChrisJohnRiley http://blog.c22.cc/2009/06/02/cracking-halflm/comment-page-1/#comment-238 Sat, 27 Jun 2009 20:25:50 +0000 http://c22blog.wordpress.com/?p=522#comment-238 Things become a little more tricky if the challenge isn’t 1122334455667788. The beauty of rainbow tables is that the hard processing work has already been done once for the challenge, so whenever you use the rainbow table the time is significantly reduced. If the challenge isn’t set to 1122334455667788 (as it should be if you use something like CAIN or Metasploit to effect the authentication) then there is little point in creating a rainbow table specifically for that challenge. It will take just as much time (possible a more with overhead on writing the tables to disk etc..) as performing a simple brute-force attack against it. I’d suggest inputting the hashes into CAIN (with the challenge) using the USERNAME:DOMAIN:1122334455667788:LMHASH:NTHASH format and letting it perform a brute-force attack. Unless you’ve got a stack of hashes using this new challenge then going the rainbow tables route isn’t realy going to bring you much benefit.

Hope that helped, and good luck with the cracking.

]]> By: Teriyakiboy http://blog.c22.cc/2009/06/02/cracking-halflm/comment-page-1/#comment-237 Sat, 27 Jun 2009 17:21:42 +0000 http://c22blog.wordpress.com/?p=522#comment-237 What can be done when the challenge isnt 1122334455667788 ?
Does rainbowtablesonline support suc hashes ?
How much time will it take to generate a halflmchall rt for a custom challenge ??

Thanks

]]>