Cracking Windows passwords in 5 seconds (Cool concept, unless you, you know, use Windows)

SecurityFocus BUGTRAQ Mailing List ^ | July 22, 2003 | Philippe Oechslin

[Timesink]

To: BugTraq

Subject: Cracking windows passwords in 5 seconds

Date: Jul 22 2003 8:37PM

Author: Philippe Oechslin

As opposed to unix, windows password hashes can be calculated in advance because no salt or other random information si involved. This makes so called time-memory trade-off attacks possible. This vulnerability is not new but we think that we have the first tool to exploit this.

At LASEC (lasecwww.epfl.ch) we have developed an advanced time-memory trade-off method. It is based on original work which was done in 1980 but has never been applied to windows passwords. It works by calculating all possible hashes in advance and storing some of them in an organized table. The more information you keep in the table, the faster the cracking will be.

We have implemented an online demo of this method which cracks alphanumerical passwords in 5 seconds average (see http://lasecpc13.epfl.ch/ntcrack). With the help of 0.95GB of data we can find the password after an average of 4 million hash operation. A brute force cracker would need to calculate an average of 50% of all hashes, which amounts to about 40 billion hases for alphanumerical passwords (lanman hash).

More info about the method can be found at in a paper at http://lasecwww.epfl.ch/php_code/publications/search.php?ref=Oech03.

Philippe Oechslin

[Timesink]

"Fascinating."

[Cold Heat]

Great News! [sarc]

[Timesink]

bump for bump lists

[Jhoffa_]

...

[meyer]

This would be more useful if I knew what a "lanmanager hash" was. They want information from me that I don't even have, let alone am willing to give out. So what's the catch - you give them a code, they decode it for you?

[general_re]

This is almost completely useless as an exploit.

[general_re]

It's not useful to anyone as much of anything, other than maybe as a proof of concept sort of thing. Nobody is going to be using this to crack into your system, particularly if you use Windows 2000 or later, or NT4 with SYSKEY enabled.

[Southack]

Oh please. All you need is the emergency boot disk to have access to the whole Windows system sans password.

[Ramius]

This isn't an exploit. It's a cute sophomore computer science programming exercise.

[Ramius]

Or, what you said. :-)

[Ramius]

Well, yes. Physical access to any machine is pretty much the same as complete access. Mostly.

[general_re]

I like your version better - brevity is the soul of wit, after all ;)

[lelio]

I don't think it is ... if you can get the hashed version of the password you can then crack it as they don't use any "salt" in the hash. So "xyzzy" will always hash to "wqrtw" whereas in the unix world you'll throw some other characters in the password before hashing it. That salt is included as plaintext in the hash.
That means that you only have to hash all the possible combinations of 8 letter words to get their full dictionary of possibilities. If they had salt in there (say numbers 0->255) you would have to have a list that's 255 times bigger. I'm not sure what the salt number range is in unix.
Its my understanding that if you sniff the wire when login into a domain you might be able to get this hashed password.

[dead]

I went to high school with Lanmanager Hash. He wore denim leisure suits and smelled like roast pork.

[Alas Babylon!]

I hope every Windows administrator is doing the following:

Set your password policy to 8 Chars, complexity enabled, password history 24.
Set your account policy to three attempts, lockout indef, duration 30 minutes.
Rename the administrator account to something else. Use restricted groups on Domain Admins, Enterprise Admins and Administrators.
Set audit policy to failure on account logon.
Set idle timeout to some minimum.

It's just like not leaving the keys in the ignition, locking the doors, rolling up the windows, moving all visable values into the trunk, and parking in a well-lit area if you don't want your car stolen.

[lelio]

Someone offered me some Lanmanager Hash at a seedy party once.

[dead]

That sh!t will make you crazy.

[Southack]

"Well, yes. Physical access to any machine is pretty much the same as complete access. Mostly."

I don't see it, even with the "mostly" caveat tossed in.

How many people, given full access to an ATM or POS terminal, could debit the accounts of other bank customers?

You see, **security** is more than just protecting a machine's physical access. Good security will survive even with a machine physically compromised.

[Ramius]

Its my understanding that if you sniff the wire when login into a domain you might be able to get this hashed password.

Well, yes. But if I have people sniffing on my network I think I already have way bigger problems, don'tcha think?

[bonesmccoy]

(sarcasm on)
Dude,
Lanmanager Hash is from Maui man.
His brother is Sniff and his sister is Doue.
(now returning to regularly scheduled cynicism)