星期三, 七月 23, 2003
Windows Password Crack Made Easy
A recent paper showed some improvement to crack alphanumeric Windows password. As you may know, Windows stored two hashes of a user's password: the LANMan hash for those pre-NT and Mac machiens, and the windows hash (NTLM and NTLMv2). These are stored in the SAM database. What to take a look of these hashes? Try pwdump. A description of that can be found here. Related news is here.
A side note: before this new idea, well-known windows password cracker is L0phtCrack
.
The technique descriped in the paper only affects LANman and NTLM hashes. However, NTLMv2 is not enabled by default (HKLM\System\CurrentControlSet\Control\LSA\ LMCompatibilityLevel, default is 0) . Based on that paper, the authors' site offered a tool to crack these hashes (at least you should have LANMan hash). I submitted a test acccount hash to it and now wait for the result....
A side note: before this new idea, well-known windows password cracker is L0phtCrack
.
The technique descriped in the paper only affects LANman and NTLM hashes. However, NTLMv2 is not enabled by default (HKLM\System\CurrentControlSet\Control\LSA\ LMCompatibilityLevel, default is 0) . Based on that paper, the authors' site offered a tool to crack these hashes (at least you should have LANMan hash). I submitted a test acccount hash to it and now wait for the result....
Comments:
发表评论
