LM to NTLM Converting
#1
So with our new rig I did some testing and oclHashcat beat ophcrack/rcracki_mt/john for cracking LM hashes (was surprised about the rainbow tables times being higher).

The problem is oclHashcast only returns the LM version of the password, not the proper case version.  Now with JtR I could do something like the following:
Code:
$ john --format=LM hashes.pwdump
$ john --show --format=LM hashes.pwdump > LM.wordlist
$ john --format=NT --rule=NT --wordlist=LM.wordlist hashes.pwdump
$ john --show --format=NT hashes.pwdump

Not the most elegant but it does work.

Is there something similar that could be done with oclHashcat?
#2
(09-17-2015, 03:43 AM)bismark Wrote: So with our new rig I did some testing and oclHashcat beat ophcrack/rcracki_mt/john for cracking LM hashes (was surprised about the rainbow tables times being higher).

The problem is oclHashcast only returns the LM version of the password, not the proper case version.  Now with JtR I could do something like the following:
Code:
$ john --format=LM hashes.pwdump
$ john --show --format=LM hashes.pwdump > LM.wordlist
$ john --format=NT --rule=NT --wordlist=LM.wordlist hashes.pwdump
$ john --show --format=NT hashes.pwdump

Not the most elegant but it does work.

Is there something similar that could be done with oclHashcat?

something like this

may need to do combinator to join the LM halves back together. I don't remember if oclhashcat does that for you.
Code:
oclhashcat --show -m 3000 hashes.pwdump > LM.wordlist
oclhashcat -r toggles1.rule -m 1000 hashes.pwdump LM.wordlist