Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 9 Apr 2006 20:39:06 +0200
From: "thomas springer" <thomas.springer@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: windows passwords now don't work

Alex is right: Lan-Manager was initially developed by Microsoft and
3Com, then in the late 80s licenced by IBM for OS2.
LM-Hashes were used in many Network-Stacks in old Windows-Version
(everything below W95b) and are still stored to keep connectivity with
this Machines (There is a Patch for Win95, but nothing that makes DOS
or WfW 3.11 understand NTLM!).

NTLM-Hashes were introduced with Windows NT

You can tell Windows not to store the LM-Hash by modifying a registry
value or just take a password longer than 14 chars (this doesn't fit
in 2 7Byte-Parts). Windows will then correctly tell you that this
breaks connectivity to WfW, DOS and early Win95-Versions.

tom

On 4/8/06, Solar Designer <solar@...nwall.com> wrote:
> On Fri, Apr 07, 2006 at 09:03:24AM +0100, Hari Sekhon wrote:
> > Are you saying that the lm hash is case insensitive but your password
> > is. If your password is compared to the lm hash then how could it be
> > case sensitive. It must be compared to a case sensitive hash. Are ntlm
> > and lm hashes different, ie the nt one was a next gen hash that enabled
> > case sensitivity?
>
> You're correct - except maybe for the historical aspect of it:
>
> I am unsure whether it is appropriate to say that NTLM hashes are the
> "next gen".  They might not have been introduced into Windows NT any
> later than LM ones.  They were already in use in NT 4 and most likely
> earlier.
>
> I think there are also cases when a provided password is compared
> against the target user's LM hash only - but that's not what happens for
> local logins.
>
> I am really no Windows expert; I am not even a user.  Maybe someone else
> would be able and willing to provide a more elaborate explanation of the
> issues involved - what LM hashes are for, etc.
>
> --
> Alexander Peslyak <solar at openwall.com>
> GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
> http://www.openwall.com - bringing security into open computing environments
>
> Was I helpful?  Please give your feedback here: http://rate.affero.net/solar
>
> --
> To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
> to the automated confirmation request that will be sent to you.
>
>


--
thomas.springer@...il.com
[nach mir der synflood.]

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ