RE: Passwords with Lan Manager (LM) under Windows

["Craig Wright" <cwright () bdosyd com au>]

The session response key

Have a look at
http://www.blackhat.com/presentations/bh-asia-04/bh-jp-04-pdfs/bh-jp-04-
seki.pdf

About page 35-40 give or take from memory

Craig

-----Original Message-----
From: Thor (Hammer of God) [mailto:thor () hammerofgod com] 
Sent: 22 September 2005 12:00
To: Craig Wright; pand0ra.usa () gmail com; pen-test () securityfocus com
Subject: Re: Passwords with Lan Manager (LM) under Windows


----- Original Message -----
From: "Craig Wright" <cwright () bdosyd com au>
To: <pand0ra.usa () gmail com>; <pen-test () securityfocus com>
Sent: Wednesday, September 21, 2005 12:32 PM
Subject: RE: Passwords with Lan Manager (LM) under Windows


> Even NTLMv2  will break the hashing into chunks which are able to be 
> individually broken down.

I'm not sure what you mean... NTLMv2 uses a single 128bit key for the
hash, 
challenge and response...  Or are you referring to the NTLM2 session 
response key (56+56+16)? If so, that is not the same thing as NTLMv2...
Can 
you elaborate please ?

t


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------