Date: Sat, 11 Sep 2010 12:26:02 +0200 From: "Magnum, P.I." <rawsmooth@...dband.net> To: john-users@...ts.openwall.com Subject: Re: Attacking Windows-ALT chars in LM Hashes On 09/10/2010 06:49 PM, Solar Designer wrote: > I think you confused LM (DES-based, 8 bits per char, two 56-bit keys) > and NTLM (MD4-based, 16 bits per char). Doh, sorry about that. Anyway here is an article that lists all ALT codes that will "cause the LMHash to disappear": http://technet.microsoft.com/en-us/library/dd277300.aspx The wikipedia article for "LM hash" incorrectly states that the LM hash is produced from the password encoded in ASCII, while its reference for that information says that it is the password encoded as an OEM string. The latter is true. I really wonder if this means a client using one codepage could produce hashes that can't be verified against a server using another. Or will cp437 be used regardless of language settings? magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.