RE: Passwords with Lan Manager (LM) under Windows

From: Craig Wright (cwright_at_bdosyd.com.au)
Date: 09/22/05

  • Next message: Craig Wright: "RE: Passwords with Lan Manager (LM) under Windows" 
    Date: Thu, 22 Sep 2005 15:05:58 +1000
To: "Thor (Hammer of God)" <thor@hammerofgod.com>, <pand0ra.usa@gmail.com>, <pen-test@securityfocus.com>

    Further to the last post
    There are a number of issues with NTLMv2 and legacy applications such as
    Windows RAS that cause lower levels of authentication

    I still say that Kerberos or IPsec based auth is the best policy in
    windows. LanMan, NTLMv1 or V2 are vulnerable.

    Precomputed tables may have been uncommon 12 months ago - but that was
    then and this is now.

    Cain & Abel will use sorted Rainbow Tables for Cryptanalysis attacks

    Craig

    -----Original Message-----
    From: Thor (Hammer of God) [mailto:thor@hammerofgod.com]
    Sent: 22 September 2005 12:00
    To: Craig Wright; pand0ra.usa@gmail.com; pen-test@securityfocus.com
    Subject: Re: Passwords with Lan Manager (LM) under Windows

    ----- Original Message -----
    From: "Craig Wright" <cwright@bdosyd.com.au>
    To: <pand0ra.usa@gmail.com>; <pen-test@securityfocus.com>
    Sent: Wednesday, September 21, 2005 12:32 PM
    Subject: RE: Passwords with Lan Manager (LM) under Windows

    > Even NTLMv2 will break the hashing into chunks which are able to be
    > individually broken down.

    I'm not sure what you mean... NTLMv2 uses a single 128bit key for the
    hash,
    challenge and response... Or are you referring to the NTLM2 session
    response key (56+56+16)? If so, that is not the same thing as NTLMv2...
    Can
    you elaborate please ?

    t

    ------------------------------------------------------------------------------
    Audit your website security with Acunetix Web Vulnerability Scanner:

    Hackers are concentrating their efforts on attacking applications on your
    website. Up to 75% of cyber attacks are launched on shopping carts, forms,
    login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
    futile against web application hacking. Check your website for vulnerabilities
    to SQL injection, Cross site scripting and other web attacks before hackers do!
    Download Trial at:

    http://www.securityfocus.com/sponsor/pen-test_050831
    -------------------------------------------------------------------------------

  • Next message: Craig Wright: "RE: Passwords with Lan Manager (LM) under Windows"

    Relevant Pages

    • Re: Passwords with Lan Manager (LM) under Windows
      ... Well, that's an issue with the client, not NTLMv2. ... Passwords with Lan Manager under Windows ... Cain & Abel will use sorted Rainbow Tables for Cryptanalysis attacks ...
      (Pen-Test)
    • SecurityFocus Microsoft Newsletter #223
      ... is a free service that gives you the ability to track and manage attacks. ... 3Com 3CDaemon Multiple Remote Vulnerabilities ... Windows Update Services ... Relevant URL: http://www.securityfocus.com/bid/12148 ...
      (Focus-Microsoft)
    • Re: So, windows doesnt get viruses and worms eh?
      ... Computers will get attacked often if you have a constant ... computers running Unix, Windows and Linux. ... on broadband and have never had problems with viruses or worms. ... The viruses aren't the think that's hurting the web, it's DOS attacks. ...
      (comp.sys.mac.advocacy)
    • SecurityFocus Microsoft Newsletter #148
      ... MICROSOFT VULNERABILITY SUMMARY ... allowing for cross-site scripting attacks. ... It is available for the Microsoft Windows platform. ... Relevant URL: ...
      (Focus-Microsoft)
    • RE: superscan on win2k vs winxp
      ... If you have any need to do this from a fully updated windows box. ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ...
      (Pen-Test)