Web lists-archives.com

Re: [Samba] check accounts for known bad passwords

Hi Andrew,

You have helped me a lot lately, it is MUCH appreciated!


I would, if I were you, use:


To get the hashes in the form you want for this, try:

pdbedit -w

That dumps an smbpasswd file format file (be very careful with this, it
contains your krbtgt key, admin password and everything else!)

Note this in the FAQ:

A: With PWDUMP-format files, John focuses on LM rather than NTLM hashes
by default, and it might not load any hashes at all if there are no LM
hashes to crack. To have JtR Pro or a -jumbo version focus on NTLM
hashes instead, you need to pass the "--format=nt" option.

I guess you would run it:

john --wordlist=/usr/share/john/password.lst /root/smbpasswd

You will need that jumbo version, the NTLM hash isn't in the one
packaged on Fedora, so this is where I stopped.

I hope this helps you keep in front of the bad guys!

Andrew Bartlett

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba