Home page logo
/

pen-test logo Penetration Testing mailing list archives

Passwords with Lan Manager (LM) under Windows
From: <Cedric.Baechler () vtg admin ch>
Date: Tue, 20 Sep 2005 12:24:46 +0200

Hi,

Lan Manager (LM) is one of the oldest authentication protocols that Microsoft has used. It was first introduced with 
Windows 3.11 and is not very secureThe hash is case-insensitive.

* The character set is limited to 142 characters. 
* The hash is broken down into 2-7 character chunks. If the password is shorter than 14 characters, the password will 
be padded with nulls to get the password to 14 characters. 
* The hash result is a 128-bit value. 
* The hash is one-way function. 


Does anyone know which 142-character set is used ?

Thanks in advance,

Cedric

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]