RE: Defeating password cracking
From: dave (dave@netmedic.net)
Date: 02/19/03
- Previous message: Frank Heyne: "Restricting CmdExec Rights to Sysadmin"
- Maybe in reply to: dave: "Defeating password cracking"
- Next in thread: Jim Kelly: "Re: Defeating password cracking"
From: "dave" <dave@netmedic.net>
To: "'Anders Thulin'" <Anders.Thulin@kiconsulting.se>
Date: Wed, 19 Feb 2003 10:07:04 -0500
Yes Anders,
On W2k you can shut off LM Hashes by adding the key
HKLM\System\CurrentControlSet\Control\Lsa\NoLMHash (yes just a blank key)
And on XP by adding the value under LSA NoLMHash=1
HKLM\system\currentcontrolset\control\lsa\nolmhash=1
Remember these do not take effect until after the next time a password is
changed, then it no longer stores the LM hash.
Also that ALT- character set I put in the original post, I could not get LC4
to reproduce/crack these no matter how short I made the password.
Cheers,
Dave
_____________________
Dave Kleiman
dave@netmedic.net
www.netmedic.net
>> -----Original Message-----
>> From: Anders Thulin [mailto:Anders.Thulin@kiconsulting.se]
>> Sent: Wednesday, February 19, 2003 03:28
>> To: dave
>> Subject: Re: Defeating password cracking
>>
>> Hello!
>>
>> dave wrote:
>>
>>
>> > 2. Defeating password crackers: Ok so now we make a user name "joev"
>> > (without the quotes) and we make the password "1234v". Well I spent 3 days
>> > and could not get the password cracked even after I added it to the custom
>> > character sets; maybe I am just an amateur.
>>
>>
>> On the XP platform some of these special characters actually reset the
>> LM hash to 000...000 -- and so essentially disable LM authentication,
>> retaining only the NTLM hash. (I've found this very useful to make my
>> accounts a bit more secure in environments where the LM hashes are
>> retained for backwards compatibility with NT systems). I believe it
>> happens when the character in question cannot be mapped into the OEM
>> character set that LM authentication is based on. You seem to be on an
>> NT platform -- I have no idea what happens there, don't even know if
>> there are any NTLM hashes to use on that platform.
>>
>> ':' in a password can trip up someone who uses John the Ripper
>> carelessly as ':' is the field separator in the output, and not everyone
>> ensures that the output lines are well formatted. TAB can confuse
>> L0phtcrack in the same way. And with both programs '???????' may confuse
>> some operators, as it is used to indicate an as-yet-uncracked half of an
>> LM password.
>>
>> Using LF and CR in passwords is also useful -- there's currently no way
>> to represent those characters in a dictionary file without introducing
>> a new word. You might be able to add it to the brute force character set
>> in L0phtcrack, though -- haven't experimented with that.
>>
>>
>> Nice work on checking how this affects the boot-disk password-changing
>> programs. I never thought they would be affected, myself.
>> --
>> Anders Thulin anders.thulin@kiconsulting.se 040-661 50 63
>> Ki Consulting AB, Box 85, SE-201 20 Malmo", Sweden
>>
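
Because the NoLMHash setting described above only applies from each account's next password change, an administrator may want to list which accounts in a hash export still carry an LM hash. The following is an added example, not part of the original thread: it assumes a pwdump-style `user:rid:lm:nt:::` export, and the sample lines and hash values in it are constructed.

```python
import re

# LM hash of the empty string; exports show this (or a blank or all-zero
# field, as mentioned in the thread) when no usable LM hash is stored.
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
HEX32 = re.compile(r"^[0-9a-f]{32}$")

# Constructed sample export (assumed pwdump-style layout, fake hash values).
NT = "fedcba9876543210fedcba9876543210"
SAMPLE = [
    "alice:1001:0123456789abcdef0123456789abcdef:" + NT + ":::",
    "bob:1002:" + EMPTY_LM + ":" + NT + ":::",
    "carol:1003:" + "0" * 32 + ":" + NT + ":::",
    "erin:1004:NO PASSWORD*********************:" + NT + ":::",
    "broken line without fields",
]

def lm_status(lm_field):
    """Classify the LM field of one export line."""
    lm = lm_field.strip().lower()
    if lm == "" or lm == EMPTY_LM or set(lm) == {"0"}:
        return "absent"
    if lm.startswith("no password"):   # placeholder some dump tools print
        return "absent"
    if HEX32.match(lm):
        return "stored"
    return "malformed"

def audit(lines):
    """Return {username: status} for lines shaped user:rid:lm:nt:::"""
    report = {}
    for raw in lines:
        line = raw.rstrip("\r\n")
        if not line or line.startswith("#"):
            continue
        parts = line.split(":")
        # Require user, numeric RID, LM, NT; flag anything else, never guess.
        if len(parts) < 4 or not parts[1].isdigit():
            report[line[:20]] = "malformed"
            continue
        report[parts[0]] = lm_status(parts[2])
    return report

def needs_password_change(lines):
    """Accounts that still have an LM hash and need a password reset."""
    return sorted(u for u, s in audit(lines).items() if s == "stored")

if __name__ == "__main__":
    print(needs_password_change(SAMPLE))
```

Accounts this reports are the ones whose passwords have not been changed since the setting was enabled.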