Home page logo
/

basics logo Security Basics mailing list archives

Re: Re: How Windows Password Cracking Programs Work
From: "Nagareshwar Talekar" <tnagareshwar () gmail com>
Date: Fri, 28 Jul 2006 14:40:45 +0530

 Here are the ways in which windows passwords can be cracked...

1) Offline..
   Anybody with physical access to the machine ( or from other OS on
the same m/c ) can get SYSTEM registy hive (this has key with which
hashes are encrypted) and SAM files. Then use cain & abel to get
password hash. Once the password hashes are obtained its trivial
procedure to use any of the cracking tools such as LC5, john, cain &
abel etc.

2) Online
  LC5, cain&abel & pwdump tools can directly dump the hashes using
LSASS process by using dll injection technique.  Then these hashes can
be cracked. Ofcourse user must have admin privileges. Any spyware or
trozan can do this on machine running as admin.

Windows hashes contain both LM and NTLM hashes. LM hashes are still
stored for backward compatibility. For LM hash , password is converted
to upper case and then the hash is taken. Hence its easy to break as
26 lower chars are eliminated. Also each hash is divided into group of
7 characters and they can be cracked independently.


With Rainbow tables cracking job has become very easy and fast.
Passwords can be cracked in seconds with right rainbow tables. However
you need not have to waste time or memory for building huge rainbow
tables...They are online now....check out ...

http://plain-text.info/add/
https://www.astalavista.net/v2/?cmd=rainbowtables

Hope this helps to understand it better...



On 27 Jul 2006 02:15:42 -0000, e.m.baechle () ieee org
<e.m.baechle () ieee org> wrote:
You've got it right.


Password "Cracking" for the most part is nothing but a systematic attempt to create a hash that matches the one you 
took from the system.  The program could use dictionaries, brute force, or a combination along with predictability routines for 
the language being used.


The most important part of that is obtaining the password hash files to compare the guesses against.  A lot of attention goes 
towards creating a "reasonably uncrackable password."  But the first part of the password crack is to obtain the 
password hash files.


Sincerely,


Eric Baechle

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------




--
With Regards
Nagareshwar

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault