Free Republic

Cracking Windows passwords in 5 seconds (Cool concept, unless you, you know, use Windows)
SecurityFocus BUGTRAQ Mailing List ^ | July 22, 2003 | Philippe Oechslin

Posted on 07/22/2003 8:38:27 PM PDT by Timesink

To: BugTraq

Subject: Cracking windows passwords in 5 seconds

Date: Jul 22 2003 8:37PM

Author: Philippe Oechslin

As opposed to unix, windows password hashes can be calculated in advance because no salt or other random information is involved. This makes so-called time-memory trade-off attacks possible. This vulnerability is not new but we think that we have the first tool to exploit this.

At LASEC (lasecwww.epfl.ch) we have developed an advanced time-memory trade-off method. It is based on original work which was done in 1980 but has never been applied to windows passwords. It works by calculating all possible hashes in advance and storing some of them in an organized table. The more information you keep in the table, the faster the cracking will be.

We have implemented an online demo of this method which cracks alphanumerical passwords in 5 seconds average (see http://lasecpc13.epfl.ch/ntcrack). With the help of 0.95GB of data we can find the password after an average of 4 million hash operations. A brute force cracker would need to calculate an average of 50% of all hashes, which amounts to about 40 billion hashes for alphanumerical passwords (lanman hash).

More info about the method can be found in a paper at http://lasecwww.epfl.ch/php_code/publications/search.php?ref=Oech03.

Philippe Oechslin


TOPICS: Crime/Corruption; Extended News; Miscellaneous; Technical
KEYWORDS: computersecurityin; microsoft; passwords; security; techindex; windows
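
Added example (not part of the BugTraq post and not the LASEC tool): a minimal Python sketch of why the missing salt matters. One table computed in advance answers every account at once, while a per-account salt makes that same table useless. Assumptions: SHA-256 stands in for an unsalted hash (this is not the LM algorithm), the table covers only 3-character candidates, and the account names are constructed; the 36-symbol alphabet and 7-character length reflect the LM hash upper-casing passwords and hashing them in 7-character halves, which the post does not spell out.

```python
import hashlib
import itertools
import os

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"  # 36 symbols: LM upper-cases input

def lm_half_keyspace(max_len=7):
    """Alphanumeric candidates for one 7-character LM half (lengths 1..max_len)."""
    return sum(len(ALPHABET) ** n for n in range(1, max_len + 1))

def unsalted_hash(password):
    # Assumption: SHA-256 stands in for any unsalted hash; this is not the LM algorithm.
    return hashlib.sha256(password.encode()).hexdigest()

def salted_hash(password, salt, rounds=10_000):
    # Per-account random salt plus a slow KDF (PBKDF2 from the standard library).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds).hex()

def build_table(max_len):
    """Hash every candidate once, ahead of time; the result is reusable for any account."""
    table = {}
    for n in range(1, max_len + 1):
        for chars in itertools.product(ALPHABET, repeat=n):
            candidate = "".join(chars)
            table[unsalted_hash(candidate)] = candidate
    return table

def recover(table, stored_hashes):
    """Look each stored hash up in the precomputed table (None means not found)."""
    return {user: table.get(h) for user, h in stored_hashes.items()}

# Constructed sample accounts; two users share a password on purpose.
ACCOUNTS = {"alice": "AB1", "bob": "Z9", "carol": "AB1"}

def demo(max_len=3):
    table = build_table(max_len)
    unsalted = {u: unsalted_hash(p) for u, p in ACCOUNTS.items()}
    salts = {u: os.urandom(16) for u in ACCOUNTS}
    salted = {u: salted_hash(p, salts[u]) for u, p in ACCOUNTS.items()}
    return recover(table, unsalted), recover(table, salted), unsalted, salted

if __name__ == "__main__":
    print(lm_half_keyspace())  # total candidates; half of this is the brute-force average
    print(demo()[:2])
```

Half of the keyspace figure is roughly the 40 billion hashes the post gives as the brute-force average. In the salted case the two accounts sharing a password also store different hashes, so a shared password is no longer visible from the stored values.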
To: cspackler
That's like the old saying that a locked door only keeps honest people from breaking into your home.
101 posted on 07/23/2003 2:20:42 PM PDT by Pan_Yans Wife (Lurking since 2000.)

To: Southack
Any secure 2k Domain is not going to have *real* data on a workstation. Data will be secure within a database with file and network security. Most users will have no access to the data and limited access to network 'sites'.

We happen to run a mixture of Intranet apps and local apps with data connections to servers of one sort or another.

Any data you might get from access to a local PC is expendable.

A windows network does not mean locally stored data with no network security outside user and file level protections.
102 posted on 07/23/2003 2:26:30 PM PDT by CyberCowboy777 (They promise to be good masters, but they mean to be masters.)

To: CyberCowboy777
Precisely.
103 posted on 07/23/2003 2:29:32 PM PDT by Southack (Media bias means that Castro won't be punished for Cuban war crimes against Black Angolans in Africa)

To: Southack
Would I use a 2K/Active Directory/SQL system for a bank?

no.

But I would not use a Unix system for a paper mill.

No one system fits all industry and business and some are inherently more open for purpose and 'other' precautions must be taken.
104 posted on 07/23/2003 3:23:27 PM PDT by CyberCowboy777 (They promise to be good masters, but they mean to be masters.)

To: CyberCowboy777
Indeed.
105 posted on 07/23/2003 3:25:05 PM PDT by Southack (Media bias means that Castro won't be punished for Cuban war crimes against Black Angolans in Africa)

