[Am-info] [IP] Cracking windows passwords in 5 seconds

[Gene Gaines]

Another look at Windows-based security.

Ya know, conventional windows are glass, and if you can't
see thru them, usually you can crack them easily.

Mebbe Microsoft derived their design for Windows from windows.

Gene Gaines

>----- Original Message -----
>From: <bugtraq@oechslin.net>
>To: <bugtraq@securityfocus.com>
>Sent: Tuesday, July 22, 2003 1:37 PM
>Subject: Cracking windows passwords in 5 seconds
>
>
>As opposed to unix, windows password hashes can be calculated in advance
>because no salt or other random information si involved. This makes so
>called time-memory trade-off attacks possible. This vulnerability is not
>new but we think that we have the first tool to exploit this.
>
>At LASEC (lasecwww.epfl.ch) we have developed an advanced time-memory
>trade-off method. It is based on original work which was done in 1980 but
>has never been applied to windows passwords. It works by calculating all
>possible hashes in advance and storing some of them in an organized
>table. The more information you keep in the table, the faster the
>cracking will be.
>
>We have implemented an online demo of this method which cracks
>alphanumerical passwords in 5 seconds average (see
>http://lasecpc13.epfl.ch/ntcrack). With the help of 0.95GB of data we can
>find the password after an average of 4 million hash operation. A brute
>force cracker would need to calculate an average of 50% of all hashes,
>which amounts to about 40 billion hases for alphanumerical passwords
>(lanman hash).
>
>More info about the method can be found at in a paper at
>http://lasecwww.epfl.ch/php_code/publications/search.php?ref=Oech03.
>
>   Philippe Oechslin