Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Sun, 9 Apr 2006 20:39:06 +0200
From: "thomas springer" <thomas.springer@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: windows passwords now don't work

Alex is right: Lan-Manager was initially developed by Microsoft and
3Com, then in the late 80s licenced by IBM for OS2.
LM-Hashes were used in many Network-Stacks in old Windows-Version
(everything below W95b) and are still stored to keep connectivity with
this Machines (There is a Patch for Win95, but nothing that makes DOS
or WfW 3.11 understand NTLM!).

NTLM-Hashes were introduced with Windows NT

You can tell Windows not to store the LM-Hash by modifying a registry
value or just take a password longer than 14 chars (this doesn't fit
in 2 7Byte-Parts). Windows will then correctly tell you that this
breaks connectivity to WfW, DOS and early Win95-Versions.

tom

On 4/8/06, Solar Designer <solar@...nwall.com> wrote:
> On Fri, Apr 07, 2006 at 09:03:24AM +0100, Hari Sekhon wrote:
> > Are you saying that the lm hash is case insensitive but your password
> > is. If your password is compared to the lm hash then how could it be
> > case sensitive. It must be compared to a case sensitive hash. Are ntlm
> > and lm hashes different, ie the nt one was a next gen hash that enabled
> > case sensitivity?
>
> You're correct - except maybe for the historical aspect of it:
>
> I am unsure whether it is appropriate to say that NTLM hashes are the
> "next gen".  They might not have been introduced into Windows NT any
> later than LM ones.  They were already in use in NT 4 and most likely
> earlier.
>
> I think there are also cases when a provided password is compared
> against the target user's LM hash only - but that's not what happens for
> local logins.
>
> I am really no Windows expert; I am not even a user.  Maybe someone else
> would be able and willing to provide a more elaborate explanation of the
> issues involved - what LM hashes are for, etc.
>
> --
> Alexander Peslyak <solar at openwall.com>
> GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
> http://www.openwall.com - bringing security into open computing environments
>
> Was I helpful?  Please give your feedback here: http://rate.affero.net/solar
>
> --
> To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
> to the automated confirmation request that will be sent to you.
>
>


--
thomas.springer@...il.com
[nach mir der synflood.]

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ