Hi
Quick reply, I'm afraid; end of the day and a beer is calling.
It's due to the LANMAN hash, which splits the NT password into 2 x 7 letters,
therefore you can pick up the tail end.  For cracking it's a big problem
because, as you noticed, it gives you the last few letters, possibly giving too
many clues as to what the first 7 letters will be.

If you aren't using 95 machines (and I think it also applies to 98), you can
turn it off with a registry setting.

Hope this helps; the above info is off the top of my head, but I'm 90% sure
it's correct.

Take care
-andy
Taliskers Network Security Tools
http://www.networkintrusion.co.uk
----- Original Message -----
From: "netsec novice" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, September 25, 2002 11:12 PM
Subject: password cracking


> I recently began using L0pht to do password cracking on our own network in
> order to enforce our password standards.  In watching the process, I now
> have questions regarding how the cracking works.  I understand basic
> dictionary and even brute force methods.  What I'm confused about is how
> L0pht can determine individual characters without cracking the entire
> password.
> IE.  ?????9pass
> I should mention that this is auditing an NT system. My best analogy is a
> wall safe vs. a key? I would think that the only way the password could be
> cracked would be to input the entire string(key) and see if it opened the
> door.  It appears though that it is treating the password as individual
> characters and cracking one at a time like a combination lock.  Can someone
> help me clear my fog on this issue?
>
> Thanks in advance...
>
>
>
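
The split described in the reply above, as an added example that is not part of the original thread: the password is uppercased, padded to 14 characters and cut into two 7-character halves that are hashed independently, so an audit recovers the short tail while the first half is still unknown. Real LM hashing uses DES for each half; the truncated SHA-256 stand-in, the helper names and the sample password are assumptions made for illustration.

```python
import hashlib
import itertools
import string
from typing import Optional, Tuple

# ASSUMPTION: real LM hashing runs DES over each half; the standard library has
# no DES, so truncated SHA-256 stands in. Only the 7 + 7 structure is modelled.
def half_digest(half: bytes) -> bytes:
    return hashlib.sha256(half).digest()[:8]

def lm_style_split(password: str) -> Tuple[bytes, bytes]:
    """Uppercase, pad with NULs (or truncate) to 14 bytes, split into 7 + 7."""
    padded = password.upper().encode("ascii")[:14].ljust(14, b"\0")
    return padded[:7], padded[7:]

def lm_style_hash(password: str) -> bytes:
    first, second = lm_style_split(password)
    return half_digest(first) + half_digest(second)

def recover_half(target: bytes, charset: str, max_len: int) -> Optional[str]:
    """Exhaustively search one half on its own, shortest candidates first."""
    for length in range(max_len + 1):
        for combo in itertools.product(charset, repeat=length):
            guess = "".join(combo)
            if half_digest(guess.encode("ascii").ljust(7, b"\0")) == target:
                return guess
    return None

def audit_view(stored: bytes, charset: str, max_len: int) -> str:
    """What a per-half audit learns; '???????' marks an unrecovered half."""
    halves = (stored[:8], stored[8:])
    found = [recover_half(h, charset, max_len) for h in halves]
    return "".join("???????" if f is None else f for f in found)

CHARSET = string.ascii_uppercase + string.digits
SAMPLE = "Autumn2002"  # constructed sample password, 10 characters

if __name__ == "__main__":
    print(lm_style_split(SAMPLE))
    print(audit_view(lm_style_hash(SAMPLE), CHARSET, 3))
    print(lm_style_hash("secret")[8:] == lm_style_hash("Other")[8:])
```

Every password of seven characters or fewer produces the same second half, which is why an audit tool can tell short passwords apart from long ones before recovering anything.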
