From: Thor (Hammer of God) (thor@hammerofgod.com)
Date: Thu Sep 22 2005 - 01:18:44 EDT
No need to look... I'm quite familiar with Urity's work ;) He spoke just
before I did at a Blackhat conference a while back... We had dinner together
(I think that was then... Rika translated for us...) and discussed it a bit.
The presentation at BH Windows 2002 is more relevant than Tokyo, actually...
In 2004 he discussed the NTLM2 response key-- that is not the same as the
NTLMv2 challenge/response exchange... I may tend to be a bit pedantic
sometimes, but I think it is important to be accurate when discussing
security matters, particularly in the realm of authentication protocols.
Since you said "NTLMv2" broke the hash into "chunks," I thought it proper to
correct that statement. NTLMv2's challenges and responses are all 128 bit,
linear keys.
t
----- Original Message -----
From: "Craig Wright" <cwright@bdosyd.com.au>
To: "Thor (Hammer of God)" <thor@hammerofgod.com>; <pand0ra.usa@gmail.com>;
<pen-test@securityfocus.com>
Sent: Wednesday, September 21, 2005 9:48 PM
Subject: RE: Passwords with Lan Manager (LM) under Windows
The session response key
Have a look at
http://www.blackhat.com/presentations/bh-asia-04/bh-jp-04-pdfs/bh-jp-04-
seki.pdf
About page 35-40 give or take from memory
Craig
-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@hammerofgod.com]
Sent: 22 September 2005 12:00
To: Craig Wright; pand0ra.usa@gmail.com; pen-test@securityfocus.com
Subject: Re: Passwords with Lan Manager (LM) under Windows
----- Original Message -----
From: "Craig Wright" <cwright@bdosyd.com.au>
To: <pand0ra.usa@gmail.com>; <pen-test@securityfocus.com>
Sent: Wednesday, September 21, 2005 12:32 PM
Subject: RE: Passwords with Lan Manager (LM) under Windows
> Even NTLMv2 will break the hashing into chunks which are able to be
> individually broken down.
I'm not sure what you mean... NTLMv2 uses a single 128bit key for the
hash,
challenge and response... Or are you referring to the NTLM2 session
response key (56+56+16)? If so, that is not the same thing as NTLMv2...
Can
you elaborate please ?
t
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:59 EDT