Re: ADS Password Storage Protection

On 7/26/2006 11:46 PM, eric.baechle@xxxxxxx wrote:
I think everyone is on the same page about the mathematical complexity of passwords either coming from length or from additional character ranges.

But how does one begin to crack a password? One would first need the password hash. Where are the password hashes stored? How are the accessed? Once you have the answer to those questions, then you may decide that a 4-character simple password is good enough. Because if an attacker can crack your password hash, they had or HAVE access to your password hash, which means they've got system rights to your Domain Controllers! What's the bigger problem?

Sincerely,

Eric B.


That's not necessarily true. It sounds like you're assuming pwdump-ing
here.

Perhaps they grabbed the hash by getting physical access to a computer
that has your hash cached (eg. steal your laptop, mount the hdd on
another computer, grab the sam file, extract the domain admin hash).

Or perhaps they grabbed it in transit (eg. sniffed the hash on the way
to the domain controller).

Either way, they have the hash without the access...until they crack it.
And a 4 char hash, even with 4 character sets, would take very little
time to break.

-Neil.

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

Relevant Pages

  • RE: RE: ADS Password Storage Protection
    ... The hash is the NT hash, which is a tough nut to crack. ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ... The NSA has designated Norwich University a center of Academic Excellence ... in Information Security. ...
    (Security-Basics)
  • Re: cracking Y2k DC Admin password
    ... If the Domain Admin has recently logged into the server, ... Cain and Able to crack it. ... view the format of the captured hash. ... Cenzic Hailstorm finds vulnerabilities fast. ...
    (Pen-Test)
  • Re: Re: How Windows Password Cracking Programs Work
    ... Once the password hashes are obtained its trivial ... For LM hash, password is converted ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ... The NSA has designated Norwich University a center of Academic Excellence ...
    (Security-Basics)
  • Re: Read only Admin privileges for Active Directory environment?
    ... generic accounts with domain admin because now I have no idea who ran it), ... InfoSec team had admin right they could themselves have planted the ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ... The NSA has designated Norwich University a center of Academic Excellence in Information Security. ...
    (Security-Basics)
  • Re: Read only Admin privileges for Active Directory environment?
    ... generic accounts with domain admin because now I have no idea who ran it), ... production system. ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ... The NSA has designated Norwich University a center of Academic Excellence in Information Security. ...
    (Security-Basics)