Wednesday, October 24, 2012

Crack All The Hashes!

Crack All The Hashes!

A few months back I was having a discussion with a co-worker about how to effectively crack a large PWDUMP file (thousands and thousands of users and hashes). I have a bunch of manual steps I use to churn through John the Ripper, oclHashcat and Rainbowcrack that I shared. Then I asked myself, "wtf, why not make a shell script instead?"

When mubix mentioned lm2ntlm patches to JtR for helping to crack from LANMAN to NTLM I remembered that I never fully wrote up anything here about the script. Soo... here's the script!

Fork it, fix it, do whatever you want with it from

Execution is fairly straight forward. Hopefully I didn't make any glaring security holes when processing PWDUMP files. Use all your favorite precautions before or while running this.

No comments: