Re: Passwords with Lan Manager (LM) under Windows
From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa_at_pacbell.net)
Date: 09/23/05
- Previous message: Stephan: "Re: SAM user dump"
- In reply to: philippe.nospam.oechslin_at_objectif-securite.nospam.ch: "Re: Passwords with Lan Manager (LM) under Windows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 23 Sep 2005 09:47:21 -0700 To: philippe.nospam.oechslin@objectif-securite.nospam.ch, pen-test@securityfocus.com
There's an excellent chapter on Passwords in the Johansson/Riley
"Protect your Windows Network"
Amazon.com: Books: Protect Your Windows Network : From Perimeter to Data
(Microsoft Technology):
http://www.amazon.com/exec/obidos/tg/detail/-/0321336437/qid=1127493996/sr=8-1/ref=pd_bbs_1/104-1141862-3682369?v=glance&s=books&n=507846
philippe.nospam.oechslin@objectif-securite.nospam.ch wrote:
>Hello Cedric!
>
>The characterset used for LanMan passwords is the OEM character set used in original IBM PCs.
>
>The reference to 142 characters probably refers to the number of chars that you could type on a standard keyboard.
>
>In recent Window OSs there is no limitation about the character set. You can use any 8bit character that you are able to type in a text box or on a command line.
>
>A quick test on my XP system show that characters above 127 can be used in "net user /add" command. Strangely enough some groups of them generate the same LMHash while generating different NThashes:
>
>128,135
>129,154
>130,144
>131,133,160
>132,142
>134,143
>136,137,138
>139,140,141,161
>145,146
>147,149,162
>148,153
>150,151,163
>152,255
>164,165
>228,229
>232,237
>
>which yields 106 different character above 127.
>
>from the lower 128 chars, tab, space and delete are not easy not enter in an input field.
>
>This leaves us with a total of 231 working characters...
>
> cheers,
>
> Philippe
>
>
>
>------------------------------------------------------------------------------
>Audit your website security with Acunetix Web Vulnerability Scanner:
>
>Hackers are concentrating their efforts on attacking applications on your
>website. Up to 75% of cyber attacks are launched on shopping carts, forms,
>login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
>futile against web application hacking. Check your website for vulnerabilities
>to SQL injection, Cross site scripting and other web attacks before hackers do!
>Download Trial at:
>
>http://www.securityfocus.com/sponsor/pen-test_050831
>-------------------------------------------------------------------------------
>
>
>
>
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
- Previous message: Stephan: "Re: SAM user dump"
- In reply to: philippe.nospam.oechslin_at_objectif-securite.nospam.ch: "Re: Passwords with Lan Manager (LM) under Windows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
