RE: Defeating password cracking

From: dave (dave@netmedic.net)
Date: 02/19/03

  • Next message: Wilcox, Stephen: "RE: Defeating password cracking" 
    From: "dave" <dave@netmedic.net>
To: <jim@essistants.com>
Date: Tue, 18 Feb 2003 22:54:57 -0500

    Jim,

    You are correct LC4 can brute special characters, and I was successfully
    able to do so with most of them except the ones I listed. Those I could not
    even if I tried to enter them in the custom character set.

    These are all ALT characters that L0phtCrack and Advanced NT Security
    Explorer could not detect. 1-32 127-130 132 134 135 142-146 148 153-159
    164-255 0127 0131 0135 0149 0160-0167 0170-0172 0176-0178 0181-0183
    0186-0189 0191 0196-0199 0201 0209 0214 0220 0223 0228-0231 0233 0241 0246
    0247

    Dave
     
    _____________________
    Dave Kleiman
    dave@netmedic.net
    www.netmedic.net

     

    >> -----Original Message-----
    >> From: Jim Kelly [mailto:jim@essistants.com]
    >> Sent: Tuesday, February 18, 2003 22:42
    >> To: dave
    >> Cc: focus-ms@securityfocus.com
    >> Subject: Re: Defeating password cracking
    >>
    >> LC4 can brute force passwords with special characters. One interesting
    >> thing that I found, which was recently addressed on one of these
    >> lists, whas the fact that LC4 will display "empty" if the password
    >> is to long. I don't know if LC4 can do anything if the password
    >> is this long... interesting idea with the special characters on the
    >> usernames for your usable admin account. I think i'll implement
    >> that.
    >>
    >> Jim
    >>
    >>
    >>
    >>
    >>
    >>

    Relevant Pages