Full Disclosure mailing list archives
Re: NEW windows password encryption flaw..
From: Daniel Berg <daniel () eds de>
Date: 24 Jul 2003 08:50:19 +0200
Thanks for the info. I would suggest you could use the cleartext password since most people tend to reuse their passwords, which would maybe enable you to obtain access to other software/systems the owner of the hash has access to.... just a quick thought ...
Windows uses password hash in a same way as Unix uses cleartext password. ...
So, cracking of Windows hashes gives you nothing in fact.
-- Daniel Berg ++++++++++++++++++++++++++ +EDS Germany +Security & Privacy +email: daniel () eds de +cell: +491792287327 +http://www.bsdaddict.org ++++++++++++++++++++++++++ Disclaimer... The opinions expressed in this email are personal ones, and are not necessarily equal to the opinions of EDS Germany GmbH. The information in this email is confidential and is solely intented for the receipent of this mail. If you are not the intented receipent of this email plz contact the sender, and delete the mail immediately. You must not use, disclose, alter, distribute, copy, print or rely on any of the given information in this email. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: NEW windows password encryption flaw.., (continued)
- Re: NEW windows password encryption flaw.. Darren Bennett (Jul 23)
- Off-Topic: Defcon Meeting? Daniel Berg (Jul 23)
- Re: Off-Topic: Defcon Meeting? Steve Bremer (Jul 24)
- Re: Off-Topic: Defcon Meeting? Thor Larholm (Jul 24)
- Re: Off-Topic: Defcon Meeting? 404 (Jul 24)
- RE: Off-Topic: Defcon Meeting? Robert Davies (Jul 24)
- Re: Off-Topic: Defcon Meeting? misiu_ (Jul 28)
- Off-Topic: Defcon Meeting! Daniel Berg (Jul 24)
- Re: Off-Topic: Defcon Meeting! Gwendolynn ferch Elydyr (Jul 28)
- Re: NEW windows password encryption flaw.. Darren Bennett (Jul 23)
- Re: Off-Topic: Defcon Meeting? Person (Jul 24)