September 2nd, 2003, 10:02 PM
Windows SAM Encryption
How is it possible to tell if the LANman plaintext password security hole has been fixed, and also how is it possible to tell what sort of encryption is being used (MD4, MD5) when using samdump to get password hashes? Will John the Ripper try to crack MD4 system passwords, or will it give some sort of error message? Also, what service pack does MD4 come as standard with? Because I have been having problems trying to nail a service pack 3 SAM password. I have dumped the hashes by a method I am not even going to go into (my good God it took some time), and I know the password is at least 7 letters long. Anyone any idea how long the cracking of this could take? I did some calculations: at 1,000,000 tries a second (Jack the Ripper) it could take about 34 days. Anyone got any real experience of how long this is gonna take?
September 2nd, 2003, 11:00 PM
Well, just off the top of my head, I noticed that this site wasn't about teaching people how to get people's passwords, etc. You own this box? Doesn't seem like it. Why do you want this password so bad? I'd suggest you delete the post or clarify your problem before too much time passes.
Reality is the one who has it wrong, not you
September 3rd, 2003, 02:49 AM
guru@linux:~> who | grep -i blonde | talk; cd ~; wine; talk; touch; unzip; touch; strip; gasp; finger; mount; fsck; more; yes; gasp; umount; make clean; sleep;
September 3rd, 2003, 04:34 AM
LC4 is now commercial and you have to pay for it (yuk).
Use Cain & Abel, and support the freeware movement revolution, Hoo-rah!
Get Cain&Abel here: http://www.oxid.it
...This Space For Rent.
September 3rd, 2003, 07:16 AM
If you want to see if a machine is running LANMAN authentication, it's in the registry. I think it varies from NT to 2000/XP, but in 2K and XP it can be set in Local Security Policy > Security Settings > Local Policies > Security Options > LAN Manager authentication level. I believe the levels are 1-5 in the registry. If you're not on the box but on the network, you could also attempt a LANMAN authentication and sniff the exchange. I think the LM is some Mickey Mouse encryption and the NTLM is MD4 and NTLMv2 is MD5 (I'm not sure about those though).
EDIT: I don't know if LC4 will do NTLMv2; I don't think so. If that's what you're trying to crack, it probably isn't going to happen: the v2 is a lot better than the previous incarnations, which were pretty easy.
"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software." -Jaron Lanier
September 3rd, 2003, 11:13 AM
Thanks maestro, it's nice to get a reply to my question. I don't usually use forums because I usually end up on some stupid tangent to my original question. Who cares why I want to know or what I am doing? By the way, MD4 and MD5 encryption is hard to crack, and all you people who think SAM security is gonna stay nice and simple are wrong. The new NTLMv2 is 128 bit and with MD4 encryption; instead of the LANMAN storing all characters as capitals and thus making cracking easy, MD4 and MD5 store both upper and lower case characters, making passwords more difficult. Also, LANMAN stored passwords over 7 characters in two blocks of 32 bits, giving you two sections of easily crackable (or at least possible to crack) blocks of 7; MD4, however, doesn't split into these blocks and stores the password whole, meaning if the password, let's say, is 14 characters, using John the Ripper this could take 170,000 years to crack. Cryptanalysis, anyone?
I don't like L0phtCrack because after you have dumped hashes in the readily available version it won't try and crack the admin password which, let's face it, is adamant to the integrity of the network. The box I am using is my own and I am trying to find ways of getting into it because, well, I've got nothing better to do before I go back to uni.
Cheers for the info.