[PEN-TEST] RES: [PEN-TEST] admin rights on an IIS 5.0 with unicode bug?

[Frederico Queiroz <fqueiroz () ISH COM BR>]

Correct me if I'm wrong.
But this is a LM Hash.

1st 8 bytes are derived from the first seven characters of the password and
the second 8 bytes are derived from the 8th through 14th characters of the
password.

L0phtCrack could crack it.

More information take a look in the l0phtcrack docs.
[]s

Krugger

-----Mensagem original-----
De: Renato Ettisberger [mailto:renato.ettisberger () CH PWCGLOBAL COM]
Enviada em: Tuesday, March 27, 2001 4:48 AM
Para: PEN-TEST () SECURITYFOCUS COM
Assunto: Re: [PEN-TEST] admin rights on an IIS 5.0 with unicode bug?
BTW: My question is, how can I crack the password hash, when it comes in
the following form:

F:0x020020000000000000000000....
V:0x00000000a800000......