Penetration Testing mailing list archives

Re: [PEN-TEST] Security ????

From: "Osborne-1, Brett" <Brett.Osborne-1 () KSC NASA GOV>
Date: Mon, 5 Feb 2001 14:20:00 -0500

SYSKEY has 3 modes (per Q143475, et. al.: "autoboot", "floppyboot", and
"password boot"). And the results you've captured are hashed with One-Way
Functions. Decryption should be unpracticable.

B*U*T assume that a system admin using SYSKEY would use "password" mode and
create a 14-character password. The result would be a keyspace of about 80+
bits. That is more than a dozen times stronger than 56-bit encryption. Do
the math. And that is just regarding cracking password. With the added need
(at least, great benefit) to also gaining encryption keys, the use of SYSKEY
should make cracking impracticable.

See microsoft's tomes, as well as Trusted System' (trustedsystems.com)
papers on NT Security.

Brett Osborne
CLCS Network Security Engineer
"Whenever you eliminate the impossible, whatever remains, however
improbable, must be the truth." Sherlock Holmes

-----Original Message-----
From: John Bumgarner [mailto:JBumgarner () MATRIXNETWORKING NET]
Sent: Thursday, February 01, 2001 3:59 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] Security ????



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

To the list,

Does anyone know of an application that can be used to audit MS
Outlook Web Access?  I have all the account names gathered through
known web holes and the SAM file, but it is encrypted with SYSKEY,
which is the next question.

Does anyone know how to unencrypted a SAM file that has been
encrypted with SYSKEY?

Please respond to me with any questions or comments.

Sincerely,

John Bumgarner
Matrix Networking Group, LLC
11440 Carmel Commons Blvd.
Suite 110
Charlotte, NC  28226
* Voice:  (704) 405-3717
* Fax:     (704) 405-2662
* mailto:jbumgarner () matrixnetworking net
<mailto:jbumgarner () matrixnetworking net>
       www.matrixnetworking.net




-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use < http://www.pgp.com
<http://www.pgp.com> >

iQA/AwUBOnnOIzI5K0kmDqujEQLI2wCgpPvOiBXmyqDyCbLweb4Y6LqqxSIAoOn5
Sw39BNYL1QcrZsKHFxgIPN8K
=Vir2
-----END PGP SIGNATURE-----

Current thread:

[PEN-TEST] Security ???? John Bumgarner (Feb 01)
- <Possible follow-ups>
- Re: [PEN-TEST] Security ???? Osborne-1, Brett (Feb 05)
- Re: [PEN-TEST] Security ???? Beauregard, Claude Q (Feb 06)