Penetration Testing mailing list archives
Re: [PEN-TEST] NT 4.0 and MD4 Hash
From: Etaoin Shrdlu <shrdlu () deaddrop org>
Date: Wed, 6 Dec 2000 09:12:01 -0800
Chris Paget wrote:
However - this does raise another question. If NT does indeed use MD4, and MD4 has been broken (according to the RSALabs FAQ, "collisions for the full version of MD4 can be found in under a minute on a typical PC"), perhaps L0phtcrack can be bettered? Does anyone have a copy of the article in which the MD4 crack is described (CryptoBytes (3) 1, Autumn 1995)? If so, please forward it to me and I'll have a go at writing some code to do it...
I'd suggest (and I'm surprised no one's brought it up before now) that you go off and look at John the Ripper before you work too hard on this. I always use john in place of l0phtcrack. It's quicker, you can use it on multiple password systems, and it finds NT passwords that l0phtcrack didn't (or at least I got bored with waiting for it). Use the source, luke. -- Real programmers disdain structured programming. Structured programming is for compulsive neurotics who were prematurely toilet-trained. They wear neckties and carefully line up pencils on otherwise clear desks.
Current thread:
- [PEN-TEST] NT 4.0 and MD4 Hash Chad Gough (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Chris Paget (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Alfred Huger (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Chris Paget (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Etaoin Shrdlu (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Olle Segerdahl (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Denis Ducamp (Dec 10)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Alfred Huger (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Chris Paget (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Paul Cardon (Dec 07)
- <Possible follow-ups>
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Chad Gough (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Renshaw, Rick (R.) (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Osborne-1, Brett (Dec 10)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash crazytrain.com (Dec 10)