Originally posted here by thehorse13


Not exactly. Depending on the OS (i.e. Windows), it may actually be *quicker* to crack a password that is longer than 7 characters. Sounds crazy, but it is true. The good folks at Foundstone have an excellent paper on this (and it appears in the Hacking Exposed series of books too).
To sum it up, a program like L0pht will split the hash into seven-character blocks and crack them separately. This may speed it up because it would be like playing a game of Wheel of Fortune. You may be able to guess the password by seeing one of the other blocks cracked. This is a weakness in the LANMAN hash implementation originally developed by IBM. Send your complaints to the boys in blue.
True, but it only works on LANMAN hashes (which are deprecated), not on NTLM and NTLMv2 (and even less Kerberos)... And yes, LANMAN hashes are still computed and stored by default in the SAM even on W2k and XP, but it is possible to disable the generation of these (don't remember the exact reg key, but it is possible...)

Ammo
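
An added example, not part of either post above: a small audit script that reads a pwdump-style export (`user:rid:lm:nt:::`) and reports which accounts still carry a stored LANMAN hash, using the two independent 7-character blocks discussed in the thread. The sample lines and their hash values are constructed, and the pwdump layout is an assumption about the export format.

```python
from collections import defaultdict

# LM half-hash produced for an all-empty 7-character block (well-known constant).
EMPTY_HALF = "aad3b435b51404ee"

# Constructed pwdump-style sample (user:rid:lm:nt:::); hash values are made up.
SAMPLE = """\
alice:1001:fedcba98765432100123456789abcdef:11111111111111111111111111111111:::
bob:1002:fedcba9876543210aad3b435b51404ee:22222222222222222222222222222222:::
carol:1003:aad3b435b51404eeaad3b435b51404ee:33333333333333333333333333333333:::
dave:1004:NO PASSWORD*********************:44444444444444444444444444444444:::
"""

def parse(text):
    """Yield (user, lm_hex); lm_hex is None when the field is not 32 hex chars."""
    for line in text.splitlines():
        parts = line.split(":")
        if len(parts) < 4:
            continue  # skip malformed lines
        lm = parts[2].strip().lower()
        ok = len(lm) == 32 and all(c in "0123456789abcdef" for c in lm)
        yield parts[0], (lm if ok else None)

def classify(lm):
    """Label one LM field by what its two 8-byte halves reveal."""
    if lm is None or lm == EMPTY_HALF * 2:
        return "no-lm"            # blank password or no LM hash stored
    if lm[16:] == EMPTY_HALF:
        return "lm-7-or-fewer"    # second block empty: password fits in one block
    return "lm-two-blocks"        # 8-14 characters, stored as two separate blocks

def audit(text):
    return {user: classify(lm) for user, lm in parse(text)}

def shared_halves(text):
    """LM is unsalted, so identical halves across accounts mean identical blocks."""
    seen = defaultdict(set)
    for user, lm in parse(text):
        if lm is None:
            continue
        for half in (lm[:16], lm[16:]):
            if half != EMPTY_HALF:
                seen[half].add(user)
    return {h: sorted(u) for h, u in seen.items() if len(u) > 1}

if __name__ == "__main__":
    for user, status in audit(SAMPLE).items():
        print(f"{user:8} {status}")
    print(shared_halves(SAMPLE))
```

Any account not reported as `no-lm` is a candidate for a password reset once LANMAN hash storage has been disabled, since the old hash stays in the SAM until the password changes.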