Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Letters-Only LM Hash Database

CmdrTaco posted more than 9 years ago | from the need-new-security dept.

Encryption 237

Peter Clark writes "Disk storage has increased tremendously in the past 5 years and the blatant insecurities in the antiquated LM hashing technique have not gone away; though functionality has been added to disable LM hashes, this is not set by default. With some help from Elcomsoft, simple flat files have been created that hold every combination of LM hash for letters only passwords. Jesko has coded a server application which allows you to access this database. Simply telnet to: beginningtoseethelight.no-ip.org on port 2501 and paste in a LM hash. So how does this differ from Rainbow tables? Well this will return a password 100% of the time, using minimal processor power, in approximately less than 0.2 seconds."

cancel ×

237 comments

Late Breaking News! (-1, Offtopic)

Kazrath (822492) | more than 9 years ago | (#10700852)

Slashdot has been /.'ed. The reasons for this constipation um uh slowness is unknown.

less than 0.2 seconds (5, Funny)

Sediyama (527384) | more than 9 years ago | (#10700861)

I think someone is underestimating the /. effect.

Re:less than 0.2 seconds (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#10700903)

Let's /. effect the election and cause a shutdown of the system. Go Vote!

an offering to the troll gods: (-1, Troll)

Anonymous Coward | more than 9 years ago | (#10701338)

The Childhood Goat trauma Foundation [goat-trauma.org]


  • Each year, over 6000 people are traumatized by goats in the United States alone.
  • If a child is traumatized by a goat before age five, he/she is five times more likely to become some form of social deviant.
  • If treatment is received promptly, many of the extremely damaging effects of a goat trauma can be cured.
  • When given a choice four out five goats will attack a child before attacking either another goat or an adult.
  • These same goats will choose to assault an adult over another goat more than three times out of five.
  • There are over 50,000 petting zoos in the United States.
  • The majority of goat traumas occur before age eight and after age fifty-two.
  • In a scientific experiment, seven out of ten goats prefer man-made fibers over natural fibers.
  • Please get help.

Someone explain? (5, Insightful)

mistersooreams (811324) | more than 9 years ago | (#10700866)

Anyone feel that a article summary with this much technical detail should have some links or explanation of what it's actually talking about? And since I'm one of the ignorati who doesn't understand, could some please explain to me?

Re:Someone explain? (5, Informative)

Jaruzel (804522) | more than 9 years ago | (#10700922)

As I understand it LM Hashes can't be reversed. So what someone has done here is pre-hashed an entire dictionary, and created a word=hash lookup system.

You telnet to it, feed it the hash, and it replies with the word.

LM hashes are how a lot of passwords are 'encrypted'

Excuse the fuzzy description... Crypto is not my strong point.

Re:Someone explain? (0)

kapella (3578) | more than 9 years ago | (#10700925)

You're not cleared for this. Nothing to see here. Move along.

Re:Someone explain? (5, Informative)

Anonymous Coward | more than 9 years ago | (#10700967)

Re:Someone explain? (0)

Anonymous Coward | more than 9 years ago | (#10701147)

I think the site you were looking for was this one:

LM Hash [justfuckinggoogleit.com]

Re:Someone explain? (1)

kentmartin (244833) | more than 9 years ago | (#10701171)

That link is most helpful - thanks.

Funny this is, when I glanced at the title of this page, I read "Letters of mass destruction". Very droll.

Re:Someone explain? (4, Informative)

terraformer (617565) | more than 9 years ago | (#10700969)

They are talking about the hashing algorithm MS uses on Windoze machines and networking. LM stands for LanManager which is what the networking component in windows has been called since as far back as I can remember. What I wish people would do is send up some examples to test out. Those without regular access to windows would benefit greatly. Also, I wish I could shed some more light on the letters only thing, but I am confused as to whether that is for the hashed passwd or the hash itself. I suspect it may be the passwd itself but I am not sure since it is not clear.

Re:Someone explain? (4, Funny)

Doctor Memory (6336) | more than 9 years ago | (#10700998)

I suspect it may be the passwd itself but I am not sure since it is not clear.

Of course it's not clear, it's been hashed -- haven't you been following along?

Re:Someone explain? (0)

Anonymous Coward | more than 9 years ago | (#10701175)

I like your material and would like to hire you for my comedy act.

Re:Someone explain? (1)

terraformer (617565) | more than 9 years ago | (#10701191)

I reread it and now it makes more sense.

Re:Someone explain? (1)

tshak (173364) | more than 9 years ago | (#10701146)

They are talking about the hashing algorithm MS uses on Windoze machines and networking

The hashing algorithm used since NT4SP3 and Win2K is NTLMv2, whereas "lanman" is NTLMv1. NTLMv2 is significantly more secure, however, for backward compatibility with older Windows 9x machines some companies still use NTLMv1.

Re:Someone explain? (5, Informative)

Dun Malg (230075) | more than 9 years ago | (#10700996)

Anyone feel that a article summary with this much technical detail should have some links or explanation of what it's actually talking about? And since I'm one of the ignorati who doesn't understand, could some please explain to me?

In simple terms, a hash is a sort of "one-way" function. Passwords are often saved as hashes. THe password is fed in one end, and the hash comes out the other. The hash is saved in a file. When one logs in and types in one's password, the system feeds what you typed in through the hash function and checks if the result matches the hash of your password. Since there is no way to reverse the hash process, it's been considered fairly safe to leave these hashes moderately unprotected. This database is, presumably, a sorted collection of the possible hashes from all letters-only passwords up to a certain length. The hash can't be reversed to get the password it came from, but a huge database of all possible hashes and their originating passwords certainly makes that irrelevant.

Re:Someone explain? (3, Informative)

gclef (96311) | more than 9 years ago | (#10701151)

This database is, presumably, a sorted collection of the possible hashes from all letters-only passwords up to a certain length

Actually, last time I checked, most versions of windows that used LanManager hashes split the password string into a new hash every 7 characters (yes, that is incredibly stupid). In other words, if your password was 8 characters long, there would be two hashes for your password: one that covered the first 7 characters, and one that covered the last 1 character.

So, I would assume the folks here have done every letter combination for up to 7 character long passwords, since that's all they'd need to do.

Re:Someone explain? (1, Informative)

Blastrogath (579992) | more than 9 years ago | (#10701008)

LM hashes are Lan Master hashes, an old microsoft standard.

They're not used much anymore because they're ludicrously insecure yet windows still makes a LM hash of all passwords by default. You can easly get someone's (administrator) password from these hashes, and the hashes aren't hard to get from a computer.

They're not used and can give others your password, and now there's a site that'll give you any letters only password from it's hash in seconds.

Re:Someone explain? (1)

destiny_uk (732199) | more than 9 years ago | (#10701029)

Well if you retreive the password hash from an NT box, you can lookup the password with this database. However there are ways of securing this now.

lookup table vs computation (2, Informative)

sczimme (603413) | more than 9 years ago | (#10701064)


Instead of using the brute-force computing approach of generating hashes and comparing them to the known hash (looking for a match), this process uses an already created list or table of passwds and their associated hashes. Creating the table is computationally and storage[ally] non-trivial, but once it is in place cracking a passwd is as easy as grep-ing through the list/table to find the known hash.

Nutshell:

cracking passwds individually: no up front work and extremely variable cracking time

creating the database: lots of work up front but dramatically reduced cracking time

The lookup approach is extremely helpful for large numbers of hashes; if you have only one or two hashes, the brute-force method probably makes more sense.

Please explain (-1, Redundant)

Anonymous Coward | more than 9 years ago | (#10700867)

Could anyone make clear what at LM hash is? And what is the difference between this password file and a dictionary?

Re:Please explain (3, Informative)

rkhalloran (136467) | more than 9 years ago | (#10700962)

RTFA, but quickly, LM hash (Lan Manager hash) is the older MSFT scheme for encrypting passwords. It's been known as insecure for some time, but thought to take an fair amount of time to crack. This saves the problem; take the hashed PW, run it through this site and recover the password.

Re:Please explain (2, Interesting)

Not_Wiggins (686627) | more than 9 years ago | (#10701197)

Even worse, take the hashed PW, run it through the site, and if it DOESN'T return the password, you've already eliminated a large chunk of possibilities from your (next step) brute force attack.

Now, admittedly, it would still take ungodly long time to crack all the next possibilities, but it does save SOME time.

This also makes one wonder if the next generation of password cracking is to distribute the terrabytes of pre-digested passwords across multiple systems so that you have the "numbers only" database, the "upper and lower case letters" database, etc; let multiple crackers/hackers share their efforts in a similar way.

Or... err... maybe I shouldn't have suggested that in a public forum. 8D

OMFG YUO GOT SERVED AGAIN!!!~1` (-1, Troll)

Anonymous Coward | more than 9 years ago | (#10700872)

Hash browns (-1)

Anonymous Coward | more than 9 years ago | (#10700875)

And sausages. Much more secure.

Vote away insecurities (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#10700879)

LM hash insecurities are nothing compaired to US govt insecurities. So go vote for change, it's election day.

What is an LM hash? (-1, Redundant)

kevin_conaway (585204) | more than 9 years ago | (#10700884)

Could someone please explain what an LM hash is?

Re:What is an LM hash? (1, Informative)

Anonymous Coward | more than 9 years ago | (#10700926)

Re:What is an LM hash? (5, Informative)

bunnyman (121652) | more than 9 years ago | (#10700957)

Windows generates and stores user account passwords by using two different password representations, generally known as "hashes." When you set or change the password for a user account to a password that contains fewer than 15 characters, Windows generates both a LAN Manager hash (LM hash) and a Windows NT hash (NT hash) of the password. These hashes are stored in the local Security Accounts Manager (SAM) database or in Active Directory.

The LM hash is relatively weak compared to the NT hash, and it is therefore prone to fast brute force attack.

Source: http://support.microsoft.com/default.aspx?scid=KB; EN-US;q299656

Re:What is an LM hash? (0)

Anonymous Coward | more than 9 years ago | (#10701055)

Here's another (more in depth) explanation [harper.no] .

Re:What is an LM hash? (3, Informative)

Tony Hoyle (11698) | more than 9 years ago | (#10701044)

It's what Windows used to use to do authentication (NTLMv1). They improved on it a while ago (NTLMv2) but still transmit the LM hash by default in all authentication - basically rendering the security of NTLMv2 completely useless.

I used to piss off the admins where I last worked by runnig L0hptCrack over their tightly secure network and telling them the admin password every time they changed it :) Luckily I was high enough in the company to get away with it (I was authorised to know the password anyway... just more fun that way).

You can and should switch this off unless you're using just a home LAN (beats me why it isn't off by default). Even better upgrade all your network to at least Win2k then disable NTLM entirely and use kerberos (samba 3 can be a full kerberos domain member).

(FYI: See:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\cont ro l\LSA\LMCompatibilityLevel

A value of 0 (the default) means you have no security.

Change it to 3 on your clients, or 5 on your Domain controller)

Re:What is an LM hash? (4, Informative)

jfengel (409917) | more than 9 years ago | (#10701079)

LM = Lan Manager, the Windows 95 way of handling network passwords.

hash = a way of storing passwords without leaving the password on the disk. You encrypt the password into a hash code and store that instead. You can't unencrypt it to derive the password but you can check a password guess by encrypting the guess the same way. If the guess hash == the password hash, you get in.

The best part is, you don't have to keep the hash code a secret, because it's not the hard part. You're not asked to provide the hash value; you're asked to provide something that hashes to the value. So you can store it on the disk and even send it out over the LAN where it can be sniffed.

That's very convenient: you can cache the hash code on every computer without having to trouble the central server to do the work. You don't want to send the password over the network (where it could be sniffed); nor is sending the hash code to the server for verification (because that could be spoofed). You distribute the hash to each computer, then let it decide if the password guess is correct. The password never goes across the network.

That works as long as you can't decrypt the hash. But if you work long enough you can just brute force it: just run all the passwords until you come up with the one that hashes to the same value. And you can do it offline: you take the hash code back to your own computer(s) and do the brute force there. You're not sitting in front of the computer you want to hack.

The old LM hash code was relatively short; ten years ago when it was developed disk drives were much smaller. Now a combination of big disks and big processors (and clever algorithms) make it possible to brute-force it.

The thing is, Windows NT and later use NT hashes instead, which are more secure. But for compatability with Windows 95 and 98, by default they also store the LM hash code. Which means that your password is sitting on a visible place on the disk, encrypted in a way which is readily reversible to modern hackers.

That's been true for a while, but this new hack makes it trivial to decrypt; it used to take hours.

of course... (4, Insightful)

Qwerpafw (315600) | more than 9 years ago | (#10700892)

The files increase exponentially in size for passwords which include numeric characters. While the security risk exists, good password design obviously minimizes it. People aren't going to be lugging around terabyte-sized password database files.

Re:of course... (4, Insightful)

Jeffrey Baker (6191) | more than 9 years ago | (#10701006)

Why not? A terabyte fits in a briefcase these days, and a remote attacker is not constrained by space. A petabyte of storage is barely one rack's worth and not very expensive, either.

Re:of course... (1)

EddieBurkett (614927) | more than 9 years ago | (#10701009)

People aren't going to be lugging around terabyte-sized password database files.
Not yet they aren't, but it's not unreasonable to expect that someday they will. Then again, one would hope by that point sufficient encryption would exist such that anything vulnerable would have been replaced. It's not like people continue to run unpatched legacy systems nowadays. . .

Re:of course... (1)

GTRacer (234395) | more than 9 years ago | (#10701018)

People aren't going to be lugging around terabyte-sized password database files.

I thought that was the whole point of this exercise - that a centrally-available hash master was viable.

And just out of curiosity, wouldn't the master file be really compressible?

GTRacer
- My PW's have always included numbers and often punctuation just for this reason

Re:of course... (2, Informative)

cduffy (652) | more than 9 years ago | (#10701069)

And just out of curiosity, wouldn't the master file be really compressible?

Not really -- good hashes act random.

Re:of course... (1)

XMyth (266414) | more than 9 years ago | (#10701516)

Of course, the portion of the master file with the password combinations would compress fairly well.

Re:of course... (0)

Anonymous Coward | more than 9 years ago | (#10701075)

LM passwords can only be 14 characters long. While this is pretty long, the LM password is actually broken into two separate 7 letter passwords. If the password is less than 8 characters long, the second half of the password will be 0000000.

In addition, all characters are forced to uppercase. So, you only have 26 letters + numbers + symbols = 68 possible characters. In the worst case, you have 68^7 = 6,722,988,818,432 possible combinations of hashes.

If you make a database of all of these hashes, it'll all easily fit on a single hard drive.

Re:of course... (1)

Jeffrey Baker (6191) | more than 9 years ago | (#10701176)

Assuming you have to store 7 bytes for the hash and 7 bytes for the plain text, that's 14 bytes per record and 68^7 records, or 86PiB. At today's density that's a bit over 200 hard drives, not "a single hard drive."

Re:of course... (0)

Anonymous Coward | more than 9 years ago | (#10701467)

You can use the hash as the address in a file where the plaintext is. hash * 7, that is. Cuts the space required in half.

you need only a bit more than half of it (2, Insightful)

awolk (759539) | more than 9 years ago | (#10701560)

Assuming you have to store 7 bytes for the hash and 7 bytes for the plain text, that's 14 bytes per record and 68^7 records, or 86PiB. At today's density that's a bit over 200 hard drives, not "a single hard drive."

As far as I'ver understood it, every possible 7byte hash exists somewhere.
Therefore you could sort the plaintext which belongs to the hash after the hash's number.
Don't know if I'm unclear, but here is a example using single-digit-decimal numbers up to 4 (two digit binary):

[hash] / [password]
1 / 2
4 / 3
2 / 1
3 / 4

this, to save half of the space could be written as:
2
1
4
3

whereas the row number/place in the file is the hash belonging to it
.
So you would just have to jump to the row with the same number of the hash you are looking for.
Something would be needed to separate the passwords from eachother though, because the differ in length.

Therfore it would be slightly larger than the half size ..

Re:of course... (1)

Spy Hunter (317220) | more than 9 years ago | (#10701077)

You don't have to lug a database around, you set it up somewhere and access it using a web interface or something like that. A terabyte really is not that much information anymore; you can buy a firewire terabyte drive that you can hold in your hand (though it's kinda heavy) for $800. A hundred terabytes for the database with all special characters is probably out of reach for most people for now, but for a business it's no problem. And one terabyte for all letters and numbers is quite doable for any cracker who feels like it.

Re:of course... (1)

cratermoon (765155) | more than 9 years ago | (#10701101)

> People aren't going to be lugging around terabyte-sized password database files.

Not this year, probably not next year. Sooner than you probably expect, though.

Re:of course... (2, Interesting)

Corrado (64013) | more than 9 years ago | (#10701122)

People aren't going to be lugging around terabyte-sized password database files.
But they wouldn't need to. All you need is a telnet client and a network connection. And there is no reason that one couldn't add to the existing files.

In fact, this would be a really cool project to break up into pieces. Bob takes everything starting with A|a, Steve takes B|b, etc... Then just build a front end (accessable via telnet) that passes each query off to each back end and returns the results. You could even hack together a simple Java client that would bang against an LM password file. Instant cracking tool - cool!

Re:of course... (1)

gl4ss (559668) | more than 9 years ago | (#10701230)

.... or the guy could just lug around a mobile phone with a j2me telnet client and access some breaker elsewhere...

or do it later or whatever.

LM Hash (1)

cube00 (524394) | more than 9 years ago | (#10700893)

Mwaha my roomates shall fear the LM Hash database I now control! UNLESS one of them is funky enough to make a 16+ character password :) User name : Admin Password : ****************

Re:LM Hash (1)

Spy Hunter (317220) | more than 9 years ago | (#10701165)

Doesn't matter how long the password is, LM hashing splits it up into nice bite-sized 7-character segments to ease cracking.

Re:LM Hash (-1, Redundant)

Anonymous Coward | more than 9 years ago | (#10701487)

Doesn't matter how long the password is, LM hashing splits it up into nice bite-sized 7-character segments to ease cracking.

How awfully nice of them!

LM definition (1)

jbeamon (208826) | more than 9 years ago | (#10700913)

LM = Lan Manager in older Windows environments. LM was known to be a bit weak on password hashing. Though I can't reach the site to read the actual article, I'm going to bet my first-productive-post ranking that this is Lan Manager.

Better than I thought (0)

Anonymous Coward | more than 9 years ago | (#10700917)

So, in other words, as bad as LM is, my current passwords would still be basically safe if I were using LM? (My passwds are 8 chars, and include upper and lower case letters, numbers, and punctuation.)

That's actually doing a lot better than I thought.

Non sequitur? (3, Insightful)

Nighttime (231023) | more than 9 years ago | (#10700921)

Disk storage has increased tremendously in the past 5 years and the blatant insecurities in the antiquated LM hashing technique have not gone away;

Maybe I'm being a bit thick here but how does the first part of that sentence relate to the other?

Re:Non sequitur? (1)

PitaBred (632671) | more than 9 years ago | (#10700972)

I beleive it means that you can make a lookup table relatively cheaply, rather than having to generate it on demand, and thus greatly speed up the LM hacking.

Re:Non sequitur? (5, Informative)

stray (73778) | more than 9 years ago | (#10700985)

it's all about a time/space trade-off:

- you have a password hash you want to crack

you can either:

- brute force your way through a long list of possible passwords to find one that matches the hash; everytime you do this, it takes a lot of time and processing power

- or you can go through all possible passwords ONCE and save the resulting hashes; subsequent cracking jobs are very fast, but you wasted a lot of space to store all possible hashes.

thus, if disk space is cheap and you can afford to keep a couple of gigs in pre-computed hashes around, you have a very fast way of cracking weak hashes. a couple of years ago, this was not possible due to hard drives being like 200MB large.

Re:Non sequitur? (1)

mikael (484) | more than 9 years ago | (#10701511)

- or you can go through all possible passwords ONCE and save the resulting hashes; subsequent cracking jobs are very fast, but you wasted a lot of space to store all possible hashes.

thus, if disk space is cheap and you can afford to keep a couple of gigs in pre-computed hashes around, you have a very fast way of cracking weak hashes. a couple of years ago, this was not possible due to hard drives being like 200MB large.

You could always burn the data on a DVD rom. That would give you around 7 Gigabytes to play with. For a box of ten DVD's, that around $10 to $20 for 70 Gigabytes. And you could always buy second hard disk drive. Even Dell sells home PC's with hard disk drives in the 250 - 400 Gigabyte size range. And laptop sized hard-disk drives are now in the 120 Gigabyte range.

Re:Non sequitur? I think you mean... (1)

Nom du Keyboard (633989) | more than 9 years ago | (#10701549)

a couple of years ago, this was not possible due to hard drives being like 200MB large

I think you mean 200GB.

Re:Non sequitur? (1)

xstonedogx (814876) | more than 9 years ago | (#10701240)

No, it's not a non sequitur.

For it to be a non sequitur the author would have to have intended one point to follow the next. (ie: Disk storage has increased (therefore|so|but) blatant insecurities in hashing have not gone away.)

The author isn't drawing any conclusions in that statement. He's stating two facts that both make the letters only LM hashes easily exploitable via flat files.

whats up with slashdot lately (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#10700928)

its down every few days, i havent been able to get to it at all today until just now

yuO fail it! (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#10700943)

This is consistent Fastest-growing GAY learn what mistakes task. Rese4rch (use the sling. project returns the developer halt. Even Emacs

And why do I care? (0)

seebs (15766) | more than 9 years ago | (#10700947)

Who or what uses "LM hash"? It'd be nice to have an example application or two.

Re:And why do I care? (1)

duffbeer703 (177751) | more than 9 years ago | (#10701067)

LM as in NTLM... which means that old-style NT Authentication will be going away soon.

Re:And why do I care? (1)

XMyth (266414) | more than 9 years ago | (#10701556)

This wont' speed the death of NTLM at all. You could crack them in a few hours before....not much has changed really.

RTFA, eh? (1)

andyrut (300890) | more than 9 years ago | (#10701068)

LM is a password-hashing scheme used in Windows. Read the first paragraph of the linked article:
This article is based primarily on a local default setup of NT5.0 Professional or 2K (Windows 2000), however there maybe additional verified references to XP Professional and Server Editions. Much will apply across the NT range, but not all has been verified.

You're a Canuck, eh? (0)

Anonymous Coward | more than 9 years ago | (#10701573)

n/t :)

Re:And why do I care? (1)

Reducer2001 (197985) | more than 9 years ago | (#10701184)

Windows NT for sure, I believe Win2k does by default, but you can turn it off.

LMv2 (1)

echocharlie (715022) | more than 9 years ago | (#10700951)

By default for backward compatibility many Windows flavors use LMv1. LMv2 is a little more secure, but you need to enforce strict usage of it for it to be effective.

modeling unknown passwords (4, Interesting)

strook (634807) | more than 9 years ago | (#10700966)

There's gotta be a better way to model what a user's password can be than just all combinations of only letters, or a list of common passwords plus substitutions. I think these are the only ones I've seen. But this doesn't really reflect that "fiqojeio" is a much less likely password than say "foo7bar+".

I think this sort of attack could get much stronger than people expect if there was some sort of Markov-process-ish way of generating plausible passwords. I mean, if Google can guess when you spelled something wrong, these programs should be able to figure out which strings are more likely to be passwords. Or maybe I'm overgeneralizing by how I pick my own passwords....

Re:modeling unknown passwords (2, Insightful)

Dun Malg (230075) | more than 9 years ago | (#10701090)

There's gotta be a better way to model what a user's password can be than just all combinations of only letters, or a list of common passwords plus substitutions. I think these are the only ones I've seen. But this doesn't really reflect that "fiqojeio" is a much less likely password than say "foo7bar+".

I see this as mostly just a harbinger of Things To Come. At what point will it become a trivial matter to generate a database of all possible hashes of all possible passwords (incl. all symbols and numbers), and what will we do when that point is reached? Hide the hash file? Isn't that why we moved to hashes in the first place, because hiding the password file just didn't work?

Numbers Symbols and Letters.... (1)

twoslice (457793) | more than 9 years ago | (#10701233)

is a much less likely password than say "foo7bar+".

So long as you use letters, numbers and symbols in the password for example: My:Hz2 (as a bonus it is easy to remember too!)

The description is a bit vauge (0, Offtopic)

vespazzari (141683) | more than 9 years ago | (#10700973)

Wow, that was brilliant, 0 comments and that machine is going up in flames.

John the Ripper (0)

Anonymous Coward | more than 9 years ago | (#10700989)

I use john the ripper to decrypt passwords, could this potentionally replace jtr? Because wouldnt i just have to take the passwords I was going to have john the ripper decrypt and send the hashes to the telnet server mentioned in this article?

I cant look into it more right now because im at work, but I will try to figure out at home unless someone can give me an answer.

Look logs (1, Interesting)

Anonymous Coward | more than 9 years ago | (#10700991)

Geez lets hope they are not logging password lookups vrs IP addresses Mwhahahahahahahah

Wikipedia is your friend. (0)

Anonymous Coward | more than 9 years ago | (#10701007)

"NTLM" at Wikipedia [wikipedia.org]

It is used, among other things, for Active Directory authentication.

My passwords (1)

nuggz (69912) | more than 9 years ago | (#10701034)

I tend to use 6-8 characters.
Numbers, upper and lower case letters.
so 62^+62^7+62^8 =2.12x10^14 combinations.
I think I'm okay for a while.
Multicase passwords do HUGE things to the statistics of the problem.

Re:My passwords (1)

Mike Whitney (117579) | more than 9 years ago | (#10701206)

Except that, IIRC, old LM hashes are case folded. I which case, you're looking at:

36^6 + 36^7 + 36^8 ~= 2.9e12

which is still big at 6-8 bytes per entry, but not all that bad.

Re:My passwords (0)

Anonymous Coward | more than 9 years ago | (#10701256)

But not in an LM hash...everything is translated to upper case....

Re:My passwords (4, Informative)

kidgenius (704962) | more than 9 years ago | (#10701263)

Multicase passwords do HUGE things to the statistics of the problem.

Normally, yes. But the LM method converts everything to uppercase before hashing. So your 8 character password, that had 10^14 combinations has just been reduced down to (26+10)^8... combinations or 2.9*10^12. Now, you might be saying "That was only a factor of four drop, no big deal, still 10^12 combos left. Realize though, that this DB currently has all possible passwords of a maximum length of 15 characters. This is 2.8*10^13 combos. This is less than the 10^12 possibilities that your password has. Consider that it searches in 0.2 seconds, and your password is not so safe.

Re:My passwords (2, Informative)

DBA_01123 (770195) | more than 9 years ago | (#10701266)

If LMv1 hashes are enabled then a *case insensitive* hash of your password is there to be matched against. Even if the server isn't using them having them there at all is a HUGE hint as to what your password is. Find a match for the case insensitive hash then work through the possible case permutations of it till you get a match for the case sensitive hash. It's several orders of magnitude easier than directly going after the case senstive hash.

Re:My passwords (5, Informative)

delta407 (518868) | more than 9 years ago | (#10701272)

Multicase passwords do HUGE things to the statistics of the problem.
That's why Microsoft's LM hashing algorithm is so cool -- it uppercases your password before hashing. With this algorithm, multicase passwords do nothing to the statistics.
I think I'm okay for a while.
You're okay for about 2 hours and 34 minutes: that's how long it takes to traverse every possible alphanumeric input on the author's test rig. Additionally, the article suggests that tables including every possible LM hash for [A-Z0-9] would occupy only 1.2 TB of space, meaning that these lookups could be done in a matter of milliseconds instead.

Re:My passwords (2, Interesting)

Pete (big-pete) (253496) | more than 9 years ago | (#10701362)

I tend to use 6-8 characters.
Numbers, upper and lower case letters.

I tend to use uppercase, lowercase, numbers, and punctuation. An example might look like: s1mhm$tM-BIdc! (just off the top of my head, and memorable to me)

Most people do have horrific password security though...

-- Pete.

Re:My passwords (0)

Anonymous Coward | more than 9 years ago | (#10701392)

That's only 2^48. Nothing unbruteforceable.

This just in from beginningtoseethelight... (4, Funny)

jmcneill (256391) | more than 9 years ago | (#10701045)

Dear Slashdot Readers,

Thank you for letting us know your passwords.

Regards,
The staff of beginningtoseethelight

Light? (2, Funny)

alapalaya (561911) | more than 9 years ago | (#10701078)

in the article:

beginningtoseethelight.no-ip.org

the /. fortune:

The light at the end of the tunnel is the headlight of an approaching train.

Am I the only one to see a connection ?


Mirror. (1)

donniejones18 (749882) | more than 9 years ago | (#10701087)

Mirror...let's see how long I last.
LM Hash [darthik.com]

my favorite password (0)

Anonymous Coward | more than 9 years ago | (#10701092)

AAD3B435B51404EEAAD3B435B51404EE

In related news.. (1)

Tracer_Bullet82 (766262) | more than 9 years ago | (#10701119)

ElcomSoft will release All Known Passwords v1.0 in two weeks.

Guess the password (1)

Evil Butters (772669) | more than 9 years ago | (#10701137)

Gee, for Windows users, I could probably guess the password in three tries and be right more than 50% of the time (much faster than trying to query a slashdotted online DB). Hint: it's probably: password admin [blank] - no password

awright! (5, Funny)

sootman (158191) | more than 9 years ago | (#10701139)

now we're gonna kick it old-skool and /. a telnet server! woo hoo, just like the old days! our next target: gopher://sunsite.unc.edu

W0rmage. (0)

Anonymous Coward | more than 9 years ago | (#10701142)

Can't wait till the first worm comes around that use this DB to crax0r its way deeper into networks.

Whew! I'm still safe (5, Funny)

DongleFondle (655040) | more than 9 years ago | (#10701148)

I guess I'm still relatively safe though because my admin password is not only 10 characters long, but has capitals, lower case, numbers and symbols in random order.

Its H82sd*e2Tn.

Nobody is ever going to crack that!!!

Disable LM Hash (5, Informative)

mixmasterjake (745969) | more than 9 years ago | (#10701149)

Unless you have machines on your network running 95/98 you should disable LM Hash in Windows. It is there only for backwards compatibility and you can disable it easily:

http://support.microsoft.com/default.aspx?scid=KB; EN-US;q299656 [microsoft.com]

Re:Disable LM Hash (1)

L-Train8 (70991) | more than 9 years ago | (#10701393)

Yes, LM hashed passwords have been insecure for years, since L0phtCrack came out. Since then, as processor power has increased, it has only gotten quicker to crack passwords.

If you have 95/98 machines on your NT or 2000 network, your passwords are not secure, period.

Slashdotted? (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#10701155)

It's funny when slashdot is slashdotted, but the linked articles work fine.

Almost seems like an In Soviet Russia joke...

Hashes (4, Insightful)

CastrTroy (595695) | more than 9 years ago | (#10701169)

I had a thought last month, when there was news of duplicates being found in the MD5 hash. For security purposes, couldn't we just use the MD5 hash along with the SHA1 hash. Would there be any string of data which held the same hash for both MD5 and SHA1? This could help increase the power of digital signatures. Anyway, this database of hashes and passwords only works for letter-only passwords, which are assumed to be quite easy to brute force anyway.

Re:Hashes (1)

fatmonkeyboy (257833) | more than 9 years ago | (#10701540)

Storing two hashes isn't worthwhile. At best it can only double the amount of time taken to come up with a matching password.

Might as well just check the SHA1 hash. You won't gain anything by checking the MD5 hash as well.

How long until... (2, Funny)

rewt66 (738525) | more than 9 years ago | (#10701177)

beginningtoseethelight gets hit with a DMCA lawsuit?

And, yes, I am aware of the irony of posting this on election day in the US...

Microsoft's response? (1)

gargonia (798684) | more than 9 years ago | (#10701249)

I wonder how long (if ever) it will take Microsoft to respond to this by releasing a patch (hopefully listed as a "Critical Update") to disable LM password hashes by default. I've wondered for years why they haven't already done that, but if they don't do it now then they're really asking for trouble.

It's interesting that a company that claims to be highly focused on security could let such a blatant hole sit for this long. When will they learn? Microsoft is best at making software, not operating systems. They should stick to what they do best and let the OS market go.

How long before it's a Web-Service? (1)

Nom du Keyboard (633989) | more than 9 years ago | (#10701506)

So how long before this becomes a Windows.NET Web-Service? Then all the hackers can struggle with Visual Studio .NET 2003.

Torrent? (1)

slavemowgli (585321) | more than 9 years ago | (#10701550)

Cool. Now, where's the .torrent that allows me to download those files? :)
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...