Security Basics mailing list archives
Re: Re: How Windows Password Cracking Programs Work
From: "Nagareshwar Talekar" <tnagareshwar () gmail com>
Date: Fri, 28 Jul 2006 14:40:45 +0530
Here are the ways in which Windows passwords can be cracked...

1) Offline

Anybody with physical access to the machine (or from another OS on the same m/c) can get the SYSTEM registry hive (this has the key with which the hashes are encrypted) and the SAM files. Then use cain & abel to get the password hash. Once the password hashes are obtained, it's a trivial procedure to use any of the cracking tools such as LC5, john, cain & abel etc.

2) Online

LC5, cain & abel & pwdump tools can directly dump the hashes using the LSASS process by using a DLL injection technique. Then these hashes can be cracked. Of course the user must have admin privileges. Any spyware or trojan can do this on a machine running as admin.

Windows hashes contain both LM and NTLM hashes. LM hashes are still stored for backward compatibility. For the LM hash, the password is converted to upper case and then the hash is taken. Hence it's easy to break, as 26 lower-case chars are eliminated. Also each hash is divided into groups of 7 characters and they can be cracked independently.

With rainbow tables the cracking job has become very easy and fast. Passwords can be cracked in seconds with the right rainbow tables. However, you need not waste time or memory building huge rainbow tables... They are online now... check out...

http://plain-text.info/add/
https://www.astalavista.net/v2/?cmd=rainbowtables

Hope this helps to understand it better...

On 27 Jul 2006 02:15:42 -0000, e.m.baechle () ieee org <e.m.baechle () ieee org> wrote:
You've got it right. Password "Cracking" for the most part is nothing but a systematic attempt to create a hash that matches the one you took from the system. The program could use dictionaries, brute force, or a combination along with predictability routines for the language being used. The most important part of that is obtaining the password hash files to compare the guesses against.

A lot of attention goes towards creating a "reasonably uncrackable password." But the first part of the password crack is to obtain the password hash files.

Sincerely,
Eric Baechle

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
--
With Regards
Nagareshwar
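The message above notes that LM hashes are stored as independent 7-character halves. The following is an added audit example, not part of the original thread: it reads a pwdump-style export and reports which accounts still have an LM hash, what the halves reveal about password length, and which accounts share a half. The `user:rid:LM:NT:::` layout is assumed, and every sample hash except the well-known empty-half constant is constructed.

```python
"""Audit a pwdump-style export for stored LM hashes (added example)."""
from collections import defaultdict

# LM value of an empty 7-character half. Two of these back to back
# means no LM hash is stored for the account.
EMPTY_LM_HALF = "aad3b435b51404ee"

# Constructed sample, assumed layout user:rid:LM:NT:::
# All hash values other than the empty-half constant are made up.
SAMPLE = """\
alice:1001:1122334455667788aad3b435b51404ee:0f0e0d0c0b0a09080706050403020100:::
bob:1002:11223344556677889900aabbccddeeff:00112233445566778899aabbccddeeff:::
carol:1003:aad3b435b51404eeaad3b435b51404ee:ffeeddccbbaa99887766554433221100:::
broken line without enough fields
"""

def parse_line(line):
    """Return (user, lm_hex) or None when the line is not usable."""
    parts = line.strip().split(":")
    if len(parts) < 4:
        return None
    user, lm = parts[0], parts[2].lower()
    if len(lm) != 32 or any(c not in "0123456789abcdef" for c in lm):
        return None
    return user, lm

def audit(text):
    """Return (per-user finding, LM halves shared by several users)."""
    findings = {}
    halves = defaultdict(set)
    for line in text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        user, lm = parsed
        first, second = lm[:16], lm[16:]
        if first == EMPTY_LM_HALF and second == EMPTY_LM_HALF:
            findings[user] = "no LM hash stored"
            continue
        if second == EMPTY_LM_HALF:
            findings[user] = "LM hash stored; password is 7 characters or fewer"
        else:
            findings[user] = "LM hash stored; password is 8 to 14 characters"
        # LM is unsalted, so equal halves mean equal (upper-cased) text.
        for half in (first, second):
            if half != EMPTY_LM_HALF:
                halves[half].add(user)
    shared = {h: sorted(u) for h, u in halves.items() if len(u) > 1}
    return findings, shared
```

Accounts flagged here keep their LM hash until the NoLMHash policy is enabled and the password is next changed.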
Current thread:
- How Windows Password Cracking Programs Work winshel (Jul 24)
- Re: How Windows Password Cracking Programs Work Dharmesh Sampat (Jul 25)
- Re: How Windows Password Cracking Programs Work Michal Merta (Jul 27)
- <Possible follow-ups>
- Re: How Windows Password Cracking Programs Work chris (Jul 27)
- Re: Re: How Windows Password Cracking Programs Work e . m . baechle (Jul 27)
- Re: Re: How Windows Password Cracking Programs Work Nagareshwar Talekar (Jul 28)