RE: Passwords with Lan Manager (LM) under Windows

From: Craig Wright (cwright@bdosyd.com.au)
Date: Thu Sep 22 2005 - 00:48:07 EDT


The session response key

Have a look at
http://www.blackhat.com/presentations/bh-asia-04/bh-jp-04-pdfs/bh-jp-04-
seki.pdf

About page 35-40 give or take from memory

Craig

-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@hammerofgod.com]
Sent: 22 September 2005 12:00
To: Craig Wright; pand0ra.usa@gmail.com; pen-test@securityfocus.com
Subject: Re: Passwords with Lan Manager (LM) under Windows

----- Original Message -----
From: "Craig Wright" <cwright@bdosyd.com.au>
To: <pand0ra.usa@gmail.com>; <pen-test@securityfocus.com>
Sent: Wednesday, September 21, 2005 12:32 PM
Subject: RE: Passwords with Lan Manager (LM) under Windows

> Even NTLMv2 will break the hashing into chunks which are able to be
> individually broken down.

I'm not sure what you mean... NTLMv2 uses a single 128bit key for the
hash,
challenge and response... Or are you referring to the NTLM2 session
response key (56+56+16)? If so, that is not the same thing as NTLMv2...
Can
you elaborate please ?

t

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:59 EDT