[Samba] check accounts for known bad passwords
mj
lists at merit.unu.edu
Thu Jul 20 21:18:04 UTC 2017
Hi Andrew,
You have helped me a lot lately, it is MUCH appreciated!
MJ
>
> I would, if I were you, use:
>
> http://www.openwall.com/john/
> http://openwall.info/wiki/john/sample-hashes
>
> To get the hashes in the form you want for this, try:
>
> pdbedit -w
>
> That dumps an smbpasswd file format file (be very careful with this, it
> contains your krbtgt key, admin password and everything else!)
>
> Note this in the FAQ:
>
> A: With PWDUMP-format files, John focuses on LM rather than NTLM hashes
> by default, and it might not load any hashes at all if there are no LM
> hashes to crack. To have JtR Pro or a -jumbo version focus on NTLM
> hashes instead, you need to pass the "--format=nt" option.
>
> I guess you would run it:
>
> john --wordlist=/usr/share/john/password.lst /root/smbpasswd --format=nt
>
> You will need that jumbo version, the NTLM hash isn't in the one
> packaged on Fedora, so this is where I stopped.
>
> I hope this helps you keep in front of the bad guys!
>
> Andrew Bartlett
>