We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now


John the Ripper: Passwords displayed in UPPER case

mcoleson asked
Medium Priority
Last Modified: 2008-02-01
I am using John the Ripper to crack passwords from my Windows Domain. (I'm the admin).
It always displays the passwords in upper case. Is there a setting that will display them in their true (mixed) case?

Watch Question

This comes from a flaw in the way some windows system's are setup to store passwords, I belive this is the Unix/Linux compatible type where case doesn't matter. John the ripper cracks these becasue it's easier to guess than the mixed case passwords. I would suggest running pwdump on your domain to obtain the true MD5 hashes of the passwords.


I did run pwdump to create the file and then fed it into John the Ripper.
Since people rarely use upper case in their passwords, I knew that John must be displaying them in upper.
You probaly have your sever setup to contain lanman passwords, these are very weak as the convert the password to uppercase. In the pwdump file you should have two hashes one for lanman(LM) and one for NT, john the ripper should be able to crack the LM password then figure out the case of the NT password, you may have to play around with your options to getthis to work. I have posted an article from microsoft about the diffrent kind of hashes in the SAM database.


Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts


Makes sense. Thanks
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.