Penetration Testing mailing list archives

Re: Insecure Hash Algorithms (MD5) and NTLMv2

From: Daniel Miessler <daniel () dmiessler com>
Date: Wed, 2 Nov 2005 00:43:13 -0500


On Nov 1, 2005, at 6:46 AM, Thierry Zoller wrote:

DM> Just because MD5 has become "relatively" weak in recent months
DM> doesn't mean that it's trivial to create/find collisions using it.

http://www.doxpara.com/t1.html
http://www.doxpara.com/t2.html

Hmm, yes, there are plenty of examples like the ones you'vehighlighted, but they all have something in common -- the input ANDthe output are known (chosen plaintext?)

That's the issue here when trying to crack password hashes is tryingto find the input to the algorithm. Now, I'm not following this scenemuch, but unless you can easily create random strings that hash to agiven MD5 output (when you don't know what the original input was),then we haven't gained much in terms of breaking NTLMv2 hashes in myview.


Am I missing something here?

--
Daniel R. Miessler
M: daniel () dmiessler com
W: http://dmiessler.com
G: 0x316BC712

Attachment: PGP.sig
Description: This is a digitally signed message part

Current thread:

Re: Insecure Hash Algorithms (MD5) and NTLMv2 Thierry Zoller (Nov 01)
- Re: Insecure Hash Algorithms (MD5) and NTLMv2 Daniel Miessler (Nov 01)
  - Re: Insecure Hash Algorithms (MD5) and NTLMv2 Steve Friedl (Nov 03)
    - Re: Insecure Hash Algorithms (MD5) and NTLMv2 Daniel Miessler (Nov 04)
- RE: Insecure Hash Algorithms (MD5) and NTLMv2 Ben Nagy (Nov 03)
  - Re: Insecure Hash Algorithms (MD5) and NTLMv2 Thor (Hammer of God) (Nov 04)
- <Possible follow-ups>
- RE: Insecure Hash Algorithms (MD5) and NTLMv2 Miguel Dilaj (Nov 01)
  - Re: Insecure Hash Algorithms (MD5) and NTLMv2 Jack Lloyd (Nov 03)