Skip to comments.
Cracking Windows passwords in 5 seconds (Cool concept, unless you, you know, use Windows)
SecurityFocus BUGTRAQ Mailing List ^
| July 22, 2003
| Philippe Oechslin
Posted on 07/22/2003 8:38:27 PM PDT by Timesink
To: BugTraq
Subject: Cracking windows passwords in 5 seconds
Date: Jul 22 2003 8:37PM
Author: Philippe Oechslin
As opposed to unix, windows password hashes can be calculated in advance because no salt or other random information si involved. This makes so called time-memory trade-off attacks possible. This vulnerability is not new but we think that we have the first tool to exploit this.
At LASEC (lasecwww.epfl.ch) we have developed an advanced time-memory trade-off method. It is based on original work which was done in 1980 but has never been applied to windows passwords. It works by calculating all possible hashes in advance and storing some of them in an organized table. The more information you keep in the table, the faster the cracking will be.
We have implemented an online demo of this method which cracks alphanumerical passwords in 5 seconds average (see http://lasecpc13.epfl.ch/ntcrack). With the help of 0.95GB of data we can find the password after an average of 4 million hash operation. A brute force cracker would need to calculate an average of 50% of all hashes, which amounts to about 40 billion hases for alphanumerical passwords (lanman hash).
More info about the method can be found at in a paper at http://lasecwww.epfl.ch/php_code/publications/search.php?ref=Oech03.
Philippe Oechslin
TOPICS: Crime/Corruption; Extended News; Miscellaneous; Technical
KEYWORDS: computersecurityin; microsoft; passwords; security; techindex; windows
Navigation: use the links below to view more comments.
first previous 1-20 ... 41-60, 61-80, 81-100, 101-105 last
To: cspackler
That's like to old saying that a locked door only keeps honest people from breaking into your home.
To: Southack
Any secure 2k Domain is not going to have *real* data on a workstation. Data will be secure within a database with file and network security. Most users will have no access to the data and limited access to network 'sites'.
We happen to run a mixture of Intranet apps and local apps with data connections to servers of one sort or another.
Any data you might get from access to a local PC is expendable.
A windows network does not mean locally stored data with no network security outside user and file level protections.
102
posted on
07/23/2003 2:26:30 PM PDT
by
CyberCowboy777
(They promise to be good masters, but they mean to be masters.)
To: CyberCowboy777
Precisely.
103
posted on
07/23/2003 2:29:32 PM PDT
by
Southack
(Media bias means that Castro won't be punished for Cuban war crimes against Black Angolans in Africa)
To: Southack
Would I use a 2K/Active Directory/SQL system for a bank?
no.
But I would not use a Unix system for a paper mill.
No one system fits all industry and business and some are inherently more open for purpose and 'other' precautions must be taken.
104
posted on
07/23/2003 3:23:27 PM PDT
by
CyberCowboy777
(They promise to be good masters, but they mean to be masters.)
To: CyberCowboy777
Indeed.
105
posted on
07/23/2003 3:25:05 PM PDT
by
Southack
(Media bias means that Castro won't be punished for Cuban war crimes against Black Angolans in Africa)
Navigation: use the links below to view more comments.
first previous 1-20 ... 41-60, 61-80, 81-100, 101-105 last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson