[111] in Best-of-Security
BoS: Alert: Crack 5.0 for NT
daemon@ATHENA.MIT.EDU (Bob Tinsley)
Thu Apr 10 04:16:57 1997
Date: Wed, 9 Apr 1997 22:07:25 +0000
Reply-To: Windows NT BugTraq Mailing List <NTBUGTRAQ@RC.ON.CA>,
Bob Tinsley <phac107@RHBNC.AC.UK>
From: Bob Tinsley <phac107@RHBNC.AC.UK>
Errors-To: best-of-security-request@suburbia.net
To: best-of-security@suburbia.net
Resent-From: best-of-security@suburbia.net
Working from (the recently-announced) NTcrack, I have patched Alec Muffett's
Crack 5.0 to work on NT passwords.
http://www.sun.rhbnc.ac.uk/~phac107/c50a-nt-0.10.tgz
... contains a short README, the patch itself, source code for crypt_nt
(a la Unix's crypt(3)), some script/code to force Crack's rules to upper case,
and a script to convert from pwdump's output to Crack's own internal format.
Also included are pwdump and NTcrack (on which this work is based.)
To use this software, you will need a shell account on a Unix box, and
Crack 5.0 (http://www.users.dircon.co.uk/~crypto/c50a.tgz and many archives.)
On my Red Hat Linux 4.1 box, the only configuration needed is for libdes,
and the optimisation flags in the Crack script itself. Enjoy!
WARNING: This program is under-tested, as I only have access to one NT machine
with just a few accounts. Although the code is heavily based on that of others,
the bugs are mine...
-- Bob
