search for: l0phtcrack

I've got a problem with some idiots of my users :=). They always use weak passwords. Does anyone know a way to find out which passwords are easy to crack? I mean usual passwords like god, sex, password, $username, .... I use tdb as password database. thank you, livius

...ot in front of the machine at the moment but the error that I see implies that soem systems require all UPPER CASE passwords and service specifications. I thought that this might be a password mangling issue created by the transformation of EBCDIC characters into ASCII. SO I set about installing L0phtcrack on the target server in order that I might capture the incoming crededtials. I then set the password on the share to "PASSWORD" (chosen to be easy to crack), and "hey presto" when I run the test the crack fails which I think back's up the theory about this being a translatio...

...ject 'samba 3.0.7 cannot join NT4 domain', so I dug deeper. I also read carefully these docs: swat/help/Samba-HOWTO-Collection/domain-member.html swat/help/Samba-HOWTO-Collection/winbind.html This is what I observe: 1.I srtart from clean state: PDC has no HUNTER machine account (chkd with L0phtcrack) HUNTER has empty var/{lock,private} samba daemons are stopped, logs are deleted. 2.I run: # net join -U domadmin%password Joined domain PORT. l0phtcrack and SrvMgr show hunter$ now. (grayed out "WinNT wks or server") However, I have a msg in PDC security log (traslation from Russian): &...

David Allan Finch wrote: > Has anyone considerd modify the Unix encypt to use > the same system as NT. IE the encypted pasword in the > /etc/passwd or NIS/NIS+ table is the same for both? Err. That would be a *really* bad idea. See the l0phtcrack source for details :-). Seriously, though. The password hashes used on NT are very poor. They don't use salt and people are now speculating on using the unicode regularity of NT hashes (alternating zero bytes) to attack that further. This is the reason I say in ENCRYPT.txt that the smbpasswd...

...hen this patch can be very useful. > >Did you send this to Luke Howard as well? Just curious. Yes, but I haven't incorporated it yet as it introduces a lot of new code and I want to check it over carefully, particularly for any licensing issues (call me paranoid, but strings like "L0phtcrack" make me a little nervous :-)). Also, although I appreciate that this patch does solve a real world problem, I don't particularly wish to see the existing SAMBA LDAP schema entrenched when it is so incompatible with W2K. I am working on getting the nt5ldap code working again (http://www.d...