Penetration Testing mailing list archives
RE: Passwords with Lan Manager (LM) under Windows
From: "Craig Wright" <cwright () bdosyd com au>
Date: Thu, 22 Sep 2005 15:25:53 +1000
Happy to be pedantic, and corrected for not being specific enough to be accurate - but even MSFT is moving away from this (NTLM and Lanman). When it gets to the point where MSFT is finally going to AES and SHA256 at the expense of backward compatibility... Than is it not time to start improving Kerberos support with IPsec has been about for 5 years on MS products - longer on Unix Yes Kerberos has its issues at times as well, but it is a far better foundation I also think that this is turning into a few separate discussion points all under the same thread at the moment :) Craig -----Original Message----- From: Thor (Hammer of God) [mailto:thor () hammerofgod com] Sent: 22 September 2005 3:19 To: Craig Wright; pand0ra.usa () gmail com; pen-test () securityfocus com Subject: Re: Passwords with Lan Manager (LM) under Windows No need to look... I'm quite familiar with Urity's work ;) He spoke just before I did at a Blackhat conference a while back... We had dinner together (I think that was then... Rika translated for us...) and discussed it a bit. The presentation at BH Windows 2002 is more relevant than Tokyo, actually... In 2004 he discussed the NTLM2 response key-- that is not the same as the NTLMv2 challenge/response exchange... I may tend to be a bit pedantic sometimes, but I think it is important to be accurate when discussing security matters, particularly in the realm of authentication protocols. Since you said "NTLMv2" broke the hash into "chunks," I thought it proper to correct that statement. NTLMv2's challenges and responses are all 128 bit, linear keys. t ----- Original Message ----- From: "Craig Wright" <cwright () bdosyd com au> To: "Thor (Hammer of God)" <thor () hammerofgod com>; <pand0ra.usa () gmail com>; <pen-test () securityfocus com> Sent: Wednesday, September 21, 2005 9:48 PM Subject: RE: Passwords with Lan Manager (LM) under Windows The session response key Have a look at http://www.blackhat.com/presentations/bh-asia-04/bh-jp-04-pdfs/bh-jp-04- seki.pdf About page 35-40 give or take from memory Craig -----Original Message----- From: Thor (Hammer of God) [mailto:thor () hammerofgod com] Sent: 22 September 2005 12:00 To: Craig Wright; pand0ra.usa () gmail com; pen-test () securityfocus com Subject: Re: Passwords with Lan Manager (LM) under Windows ----- Original Message ----- From: "Craig Wright" <cwright () bdosyd com au> To: <pand0ra.usa () gmail com>; <pen-test () securityfocus com> Sent: Wednesday, September 21, 2005 12:32 PM Subject: RE: Passwords with Lan Manager (LM) under Windows
Even NTLMv2 will break the hashing into chunks which are able to be individually broken down.
I'm not sure what you mean... NTLMv2 uses a single 128bit key for the hash, challenge and response... Or are you referring to the NTLM2 session response key (56+56+16)? If so, that is not the same thing as NTLMv2... Can you elaborate please ? t ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Passwords with Lan Manager (LM) under Windows Cedric.Baechler (Sep 20)
- Re: Passwords with Lan Manager (LM) under Windows Tim (Sep 21)
- <Possible follow-ups>
- RE: Passwords with Lan Manager (LM) under Windows Craig Wright (Sep 21)
- Re: Passwords with Lan Manager (LM) under Windows Thor (Hammer of God) (Sep 22)
- RE: Passwords with Lan Manager (LM) under Windows Craig Wright (Sep 22)
- Re: Passwords with Lan Manager (LM) under Windows Thor (Hammer of God) (Sep 22)
- RE: Passwords with Lan Manager (LM) under Windows Craig Wright (Sep 22)
- Re: Passwords with Lan Manager (LM) under Windows Thor (Hammer of God) (Sep 22)
- RE: Passwords with Lan Manager (LM) under Windows Craig Wright (Sep 22)
- RE: Passwords with Lan Manager (LM) under Windows Craig Wright (Sep 22)
- RE: Passwords with Lan Manager (LM) under Windows Craig Wright (Sep 22)
- Re: Passwords with Lan Manager (LM) under Windows Thor (Hammer of God) (Sep 22)
- RE: Passwords with Lan Manager (LM) under Windows Craig Wright (Sep 22)
- Re: Passwords with Lan Manager (LM) under Windows Thor (Hammer of God) (Sep 22)
- RE: Passwords with Lan Manager (LM) under Windows Craig Wright (Sep 22)
- Re: Passwords with Lan Manager (LM) under Windows philippe . nospam . oechslin (Sep 23)
- Re: Passwords with Lan Manager (LM) under Windows Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Sep 24)