Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4C8B593A.7050605@bredband.net>
Date: Sat, 11 Sep 2010 12:26:02 +0200
From: "Magnum, P.I." <rawsmooth@...dband.net>
To: john-users@...ts.openwall.com
Subject: Re: Attacking Windows-ALT chars in LM Hashes

On 09/10/2010 06:49 PM, Solar Designer wrote:
> I think you confused LM (DES-based, 8 bits per char, two 56-bit keys)
> and NTLM (MD4-based, 16 bits per char).

Doh, sorry about that. Anyway here is an article that lists all ALT 
codes that will "cause the LMHash to disappear":
http://technet.microsoft.com/en-us/library/dd277300.aspx

The wikipedia article for "LM hash" incorrectly states that the LM hash 
is produced from the password encoded in ASCII, while its reference for 
that information says that it is the password encoded as an OEM string. 
The latter is true. I really wonder if this means a client using one 
codepage could produce hashes that can't be verified against a server 
using another. Or will cp437 be used regardless of language settings?

magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.