Thread: mscash to md4 ??

  1. #1
    Junior Member
    Join Date
    Mar 2006
    Posts
    2

    mscash to md4 ??

    Hi

    I found this somewhere:
    MSCASH = MD4( MD4(password ) || lowercase(username) )
    Can somebody please explain every step of generating an mscash hash (first generate the md4 hash of the plain text password.......)?

    and is there any way to revert an mscash hash to an md4 hash, if the salt (=username) is known?

    I'd be very grateful for a reply

  2. #2
    Senior Member Deeboe's Avatar
    Join Date
    Nov 2005
    Posts
    185
    Did you find that information here: http://www.securiteam.com/tools/5JP0I2KFPA.html ? It seems to explain it (kinda) well already.

    Let me ask this: what are you trying to accomplish? It may be easier to answer your question with that sort of information.

    -Deeboe
    If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
    - Sun Tzu, The Art of War

    http://tazforum.**********.com/

  3. #3
    Senior Member
    Join Date
    Mar 2004
    Posts
    557
    Hi

    I think this formula, whatever the "symbols" mean, is incomplete[1].
    However, I just crosschecked with the jtr-diff[2], so I may be slightly
    wrong

    The MSCASH is built as follows:

    1. pad "username" to 64 unicode chars (128 byte)

    There is no lowercasing of the username. However, it is made sure that
    the order is little-endian. I think, but I am not completely sure, that this
    was the confusion for the "lowercase-assumption".

    2. take the MD4-hash of the unicoded password (16 unicode chars = 32 bytes)

    3. Append the 128-byte tabbed unicoded username to "MD4(password)"

    4. take the MD4-hash of the unicoded version of the construct in step 3.

    Done.


    As per your question:
    is there any way to revert an mscash hash to an md4 hash, if the salt (=username) is known?
    Not sure, whether I understand your question, but I would say: No.

    MD4 is a one-way function, not the best one, but still a one-way function.
    You cannot solve for the "argument" of the MD4-function knowing the
    "result". Knowing the unicoded, little-endian ordered and tabbed username
    helps to reduce the "candidate"-space, still, you would have to find ("brute-force")
    MD4(password) (and then (poor approach however) find password from
    knowing MD4(password)).

    The role of the salt simply is to nullify the usage of pre-calculated rainbow-tables.


    Cheers.

    [1] http://www.securiteam.com/securityre...OP0N2KF6S.html
    [2] http://www.openwall.com/john/contrib...cash-5.diff.gz
    If the only tool you have is a hammer, you tend to see every problem as a nail.
    (Abraham Maslow, Psychologist, 1908-70)

  4. #4
    It looks like a way to check to see if the password and username are accepted in some login screen or something. My guess is that MSCASH is a sort of variable or possible access to a db file. The password you log in with is encrypted with the MD4 algorithm, paired with the lowercase(username), and either stored as the variable or checks the file MSCASH to see if it has that username/password combo.

    Again, this is only a guess... a little more info would be necessary to accurately tell what it does, such as what the file is called, where the text came from, what language this is in, etc.

  5. #5
    Senior Member
    Join Date
    Mar 2004
    Posts
    557
    Hi

    [small rant]
    Digoy, it is fine to assume, to guess and to think, but at least try to
    do a little bit of research. You can provide yourself with the information
    needed in this case. The MSCash is nothing wrapped in mystery, it is simply
    the hashing mechanism of Microsoft to store Domain login credentials on the
    local machine. An excerpt of Irongeek's excellent tutorial here on AO (one of the
    most viewed ones):

    By default Windows 2000, XP and 2003 systems in a domain or Active Directory tree cache the
    passwords and credentials of previously logged in users. This is done so that the users can still
    login again if the Domain Controller or ADS tree can not be reached either because of Controller
    failure or network problems. These cached passwords are stored as hashes in the local systems
    registry at the values HKEY_LOCAL_MACHINE\SECURITY\CACHE\NL$1 through NL$10.

    [/small rant]

  6. #6
    Junior Member
    Join Date
    Mar 2006
    Posts
    2
    Thanks for your help

  7. #7
    MD4 is a hash function, which means there's no easy way back -- you're looking at brute-force (possibly through a reduced space if there are flaws in the algorithm).

    Without context, it's hard to interpret that line -- does || mean a bitwise or, or concatenation, or something else?

  8. #8
    Since MDx functions are "message digest" functions, the answer is that no, there is no way to get the original hash from the MSCASH hash, since MD4 (like the more common MD5) is a one-way hash type function.
