Penetration Testing mailing list archives
Re: [PEN-TEST] NT 4.0 and MD4 Hash
From: Denis Ducamp <Denis.Ducamp () HSC FR>
Date: Thu, 7 Dec 2000 09:02:51 +0100
On Wed, Dec 06, 2000 at 09:12:01AM -0800, Etaoin Shrdlu wrote:
Chris Paget wrote:However - this does raise another question. If NT does indeed use MD4, and MD4 has been broken (according to the RSALabs FAQ, "collisions for the full version of MD4 can be found in under a minute on a typical PC"), perhaps L0phtcrack can be bettered? Does anyone have a copy of the article in which the MD4 crack is described (CryptoBytes (3) 1, Autumn 1995)? If so, please forward it to me and I'll have a go at writing some code to do it...I'd suggest (and I'm surprised no one's brought it up before now) that you go off and look at John the Ripper before you work too hard on this.
John the Ripper doesn't know about NTLM (MD4) hashes, but he is so quick with LANMAN (DES) hashes... You may be interested in groar/titi http://www.groar.org/ In titi there's a command line tool called ntlm which caculates ntlm hashes with or without salt. The way ntlm works is : md4(unicode(password without the final \0)) So magic gives : ntlm(magic) = md4(unicode(6d 61 67 69 63)) = md4(6d 00 61 00 67 00 69 00 63 00) = 827B5320B42E9FD95CBB0E63451B701E
I always use john in place of l0phtcrack. It's quicker, you can use it on multiple password systems, and it finds NT passwords that l0phtcrack didn't (or at least I got bored with waiting for it).
Yes, John the Ripper http://www.openwall.com/john/ is the best and fastest password cracker. Denis Ducamp. -- Denis.Ducamp () hsc fr --- Hervé Schauer Consultants --- http://www.hsc.fr/ Du bon usage de ... http://usenet-fr.news.eu.org/fr-chartes/rfc1855.html
Current thread:
- [PEN-TEST] NT 4.0 and MD4 Hash Chad Gough (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Chris Paget (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Alfred Huger (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Chris Paget (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Etaoin Shrdlu (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Olle Segerdahl (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Denis Ducamp (Dec 10)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Alfred Huger (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Chris Paget (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Paul Cardon (Dec 07)
- <Possible follow-ups>
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Chad Gough (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Renshaw, Rick (R.) (Dec 07)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash Osborne-1, Brett (Dec 10)
- Re: [PEN-TEST] NT 4.0 and MD4 Hash crazytrain.com (Dec 10)