From: Danux (danuxx@gmail.com)
Date: Wed Nov 21 2007 - 17:26:52 EST
Ok, thanks to all for your excellent help.
On Nov 17, 2007 7:49 AM, Jan Heisterkamp <janheisterkamp@web.de> wrote:
> Hi danuxx,
>
> if the IMS in "Domain : IMS" doesn't mean IP Multimedia Subsystem I
> would suggest to give John a chance, if this doesnt't work take less salt...
>
> Regards,
> Jan
>
> Danux schrieb:
> > Hi Experts,
> >
> > After testing a client network, i got a hash through Ettercap(ARP
> > Spoofing) , but when trying to cracking the hash with RainbowCrack it
> > seems not to be a NTLM format, and nothing happens.
> > Here i show the hash gathered:
> >
> > SMB : 172.16.16.135:445 ->
> > USER: mjones
> > HASH:
> > mjones:"":"":1EA3083687301F2E00000000000000000000000000000000:2F8EDA1AD20B80974F86656996787855C5CF3417FD44BF03:BD9AE7964A5E989B
> > DOMAIN: IMS
> >
> > Do you know how to crack hashes gathered from Ettercap(ARP Spoofing)?
> >
> >
>
>
> --
> Grupo Ampersand S.A.
> IT-Security Consultants & Auditors
> Apdo. 924 Escazu 1250
> Costa Rica C.A.
> Phone: (506)588-0432
> ceo_at_ampersanded.com [corp.]
> janheisterkamp_at_web.de [priv.]
>
>
>
-- Danux, CISSP Chief Information Security Officer Macula Security Consulting Group www.macula-group.com ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:13 EDT