lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20030722203719.4622.qmail@www.securityfocus.com>
Date: 22 Jul 2003 20:37:19 -0000
From: <bugtraq@...hslin.net>
To: bugtraq@...urityfocus.com
Subject: Cracking windows passwords in 5 seconds





As opposed to unix, windows password hashes can be calculated in advance 
because no salt or other random information si involved. This makes so 
called time-memory trade-off attacks possible. This vulnerability is not 
new but we think that we have the first tool to exploit this.

At LASEC (lasecwww.epfl.ch) we have developed an advanced time-memory 
trade-off method. It is based on original work which was done in 1980 but 
has never been applied to windows passwords. It works by calculating all 
possible hashes in advance and storing some of them in an organized 
table. The more information you keep in the table, the faster the 
cracking will be.

We have implemented an online demo of this method which cracks 
alphanumerical passwords in 5 seconds average (see 
http://lasecpc13.epfl.ch/ntcrack). With the help of 0.95GB of data we can 
find the password after an average of 4 million hash operation. A brute 
force cracker would need to calculate an average of 50% of all hashes, 
which amounts to about 40 billion hases for alphanumerical passwords 
(lanman hash).

More info about the method can be found at in a paper at 
http://lasecwww.epfl.ch/php_code/publications/search.php?ref=Oech03.

  Philippe Oechslin



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ