Using hashes, not text credentials...?

From: centipede (centiped@netvision.net.il)
Date: 07/21/01 

Message-ID: <3B59EF2F.4010902@netvision.net.il>
Date: Sun, 22 Jul 2001 00:07:59 +0300
From: centipede <centiped@netvision.net.il>
To: SECURITY-BASICS@SECURITYFOCUS.COM, focus-ms@SECURITYFOCUS.COM
Subject: Using hashes, not text credentials...?

Hi.

Is there a way, in a NT4.0 environment, one can use a 2nd user hashes
(caught using
l0pht for instance) in a resource usage authentication (thus making the
hashes cracking
process unnecessary) ?

thx
centipede.

Relevant Pages

  • Re: No LM Hash - no really
    ... One way to also test your environment is to create password that is longer ... stored as LM "Hash" due to LM design. ... >> How do you REALLY disable the generation of Lan Manager password hashes. ... >> Then i go to a workstation and reset the password of my domain account. ...
    (microsoft.public.win2000.security)
  • Re: system monitoring
    ... , then isolated environment works. ... it will not hash out and even using a plaintext input to Microsoft ... The solution would be to have a database of hashes of files of interest. ...
    (microsoft.public.win32.programmer.kernel)
  • Re: No LM Hash - no really
    ... > So how does one REALLY disable LM Hashes in an Active Directory ... Create a NoLMHash key, not a NoLMHash=1 DWORD ...
    (microsoft.public.win2000.security)
  • Using hashes, not text credentials...?
    ... Is there a way, in a NT4.0 environment, one can use a 2nd user hashes ... l0pht for instance) in a resource usage authentication (thus making the ...
    (Security-Basics)