Vulnerability Development mailing list archives

Re[2]: Stealing NT passwords through WiFi?


From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Thu, 20 May 2004 21:46:49 +0400

Dear Ugen,

--Thursday, May 20, 2004, 7:31:38 PM, you wrote to 3APA3A () SECURITY NNOV RU:



U> I am under the impression that as an authentication server the rogue
U> system can require any version of MS-CHAP it chooses. If the original
U> system is configured to support both (and the XP supplicant does, not
U> even sure if there is an easy way to force v2 only) the reply will

I have no Wi-Fi to check; for a dialup connection you can (advanced
settings of the security option for the connection).

U> include the LM hash. Got to test that, of course.

It depends on the security settings. Group policy (or local security
policy) can prevent the system from sending an LM response in the
handshake and from storing the LM hash.

It doesn't matter whether you recover the cleartext password by
bruteforcing the password or recover the password hash by cracking DES,
because with the password hash you can connect to any resource without
the cleartext password.
 

U> I took a shortcut in the description here indeed :) This is the crucial
U> point though - I haven't found ready-made tools to work this step,
U> though there was mention somewhere

I patched md4.c from the Samba distribution to convert from hex instead
of hashing the password (the NT hash is actually an MD4 of the Unicode
password) if it is already given something like a hash (32 Unicode
[0-9A-F] characters). This small patch allows using smbclient with a hash
in hex instead of the cleartext password.

        D = 0x10325476;
+                                                                               
+                                                                               
+       if(n == 64){                                                            
+               int j;                                                          
+               unsigned char * hexd = (unsigned char *)"0123456789ABCDEF";     
+               for(j = 0; j<16; j++){                                          
+                       if(!strchr(hexd, in[(j<<2)]))break;                     
+                       if(in[(j<<2)+1])break;                                  
+                       if(!strchr(hexd, in[(j<<2)+2]))break;                   
+                       if(in[(j<<2)+3])break;                                  
+                       out[j] = ((strchr(hexd, in[(j<<2)]) - (char *)hexd)<<4);
+                       out[j] ^= (strchr(hexd, in[(j<<2)+2]) - (char *)hexd);  
+               }                                                               
+               if(j == 16) {                                                   
+                       return;
+               }                                                               
+       }                                                                       
                                                                                
        while (n > 64) {                                                        
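Review bot: the digit checks in the loop let a NUL byte through: strchr(hexd, 0) returns a pointer to the terminating NUL of "0123456789ABCDEF", not NULL, so `if(!strchr(hexd, in[(j<<2)]))break;` does not break on a zero byte and the later subtraction yields the nibble value 16, which then spills into the neighbouring nibble; test `in[...] == 0` (or use a lookup that returns -1) before calling strchr. Two smaller points: only uppercase digits are accepted, so a hash printed in lowercase hex (as most tools emit it) is silently hashed as a password instead, and any genuine 32-character uppercase-hex password is now treated as a hash, so selecting the hash mode explicitly (a flag or environment variable) would be safer than inferring it from the shape of the input. Passing the `unsigned char *` hexd to strchr also draws a pointer-sign warning; declare it `const char *` and drop the cast in the subtraction.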


U> that l0phtcrack is able to use MS-CHAP (no version specified) data as
U> an input. This is where I'd welcome good suggestions.

Any NTLM cracking tool is OK for MS-CHAPv1. For DES bruteforcing you can
use any DES cracking tool, like john-the-ripper, with the challenge as a
salt and each 8 bytes of the response as a crypted password. The first 16
of the resulting 21 bytes are the password hash. Approx. half a year is
required to crack the 3 DES portions on a single PC (because full
bruteforcing is required) with a fast "sliced" DES implementation. The
test code I wrote works too slowly, because it used standard DES.

-- 
~/ZARAZA
I won't need the sting (S. Lem)
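The response layout the last paragraph relies on (the 16-byte NT hash zero-padded to 21 bytes, cut into three 7-byte DES keys, each encrypting the 8-byte challenge on its own, per RFC 2433), written out as an added Go example from the verifying server's side; this is not code from the mail or from any tool it names, and the challenge and hash bytes in main are constructed sample values.

```go
package main

import (
	"crypto/des"
	"crypto/subtle"
	"fmt"
	"math/bits"
)

// desKeyFromChunk spreads 7 key bytes over 8 (7 bits + odd parity each), the key form DES takes.
func desKeyFromChunk(chunk []byte) []byte {
	var v uint64
	for _, b := range chunk {
		v = v<<8 | uint64(b)
	}
	key := make([]byte, 8)
	for i := uint(0); i < 8; i++ {
		seven := byte(v>>(49-7*i)) & 0x7f
		key[i] = seven<<1 | byte(1-bits.OnesCount8(seven)%2) // odd parity bit
	}
	return key
}

// ntResponse builds the 24-byte MS-CHAPv1 NT response: the 16-byte NT hash is
// zero-padded to 21 bytes, cut into three 7-byte DES keys, and each key encrypts
// the 8-byte challenge on its own, so each 8-byte block depends on one key only.
func ntResponse(challenge, ntHash []byte) ([]byte, error) {
	if len(challenge) != 8 || len(ntHash) != 16 {
		return nil, fmt.Errorf("need an 8-byte challenge and a 16-byte NT hash")
	}
	padded := make([]byte, 21) // hash[0:16] then five zero bytes
	copy(padded, ntHash)
	resp := make([]byte, 24)
	for i := 0; i < 3; i++ {
		block, _ := des.NewCipher(desKeyFromChunk(padded[i*7 : i*7+7])) // 8-byte key: cannot fail
		block.Encrypt(resp[i*8:i*8+8], challenge)
	}
	return resp, nil
}

// verifyNTResponse is the server-side check: recompute and compare in constant time.
func verifyNTResponse(challenge, response, ntHash []byte) bool {
	expected, err := ntResponse(challenge, ntHash)
	return err == nil && subtle.ConstantTimeCompare(expected, response) == 1
}

func main() { // constructed sample values, not from the mail
	resp, _ := ntResponse([]byte("ChalTest"), []byte("0123456789abcdef"))
	fmt.Printf("NT response %x\n", resp)
}
```

The third key chunk holds only hash bytes 14 and 15 plus the five padding zeros, which is why the response splits into portions that can be checked independently, as the paragraph above describes.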
