From: Bernd Lehle <le...@rus.uni-stuttgart.de>
Subject: Windows NT Password encryption
Date: 1996/11/15
Message-ID: <328C7E46.41C6@rus.uni-stuttgart.de>
X-Deja-AN: 196657401
content-type: text/plain; charset=us-ascii
organization: Computing Center, University of Stuttgart
mime-version: 1.0
newsgroups: sci.crypt
x-mailer: Mozilla 3.0 (X11; I; IRIX 5.3 IP22)

Hi there,

On http://www.omna.com/Yes/MWC/PRS-index.htm a company called MWC offers the
following service:

"recover" an NT (any version) Administrator password at any level of
complexity within 4 hours.

They claim to use 4 PPro-200s and guarantee the result for a fee of US$4500.

NT uses up to 14 characters in a password. In order to recover a UNIX
password at any level of complexity with 14 characters, 4 PPro-200s will
crunch for approx. 1e16 years (assuming 10,000 crypts per CPU per second).

Does anybody know where the difference comes from?

--
> Bernd Lehle alias Wolfskin - Born to be wild   * A supercomputer    <
> Stuttgart University Supercomputing Center     * is a machine that  <
> e-mail: le...@rus.uni-stuttgart.de             * runs an endless    <
> Tel:+49-711-685-5531, Fax:+49-711-6787626      * loop in 2 seconds. <
From: Jeremy Allison <j...@cygnus.com>
Subject: Re: Windows NT Password encryption
Date: 1996/11/18
Message-ID: <3290A219.41C6@cygnus.com>
X-Deja-AN: 197285692
references: <328C7E46.41C6@rus.uni-stuttgart.de>
content-type: text/plain; charset=us-ascii
organization: Cygnus Support
mime-version: 1.0
newsgroups: sci.crypt
x-mailer: Mozilla 2.01S (X11; I; IRIX 6.2 IP22)

Bernd Lehle wrote:
> On http://www.omna.com/Yes/MWC/PRS-index.htm a company called MWC offers
> the following service:
>
> "recover" an NT (any version) Administrator password at any level of
> complexity within 4 hours.
>
> They claim to use 4 PPro-200s and guarantee the result for a fee of
> US$4500.
>
> NT uses up to 14 characters in a password. In order to recover a UNIX
> password at any level of complexity with 14 characters, 4 PPro-200s will
> crunch for approx. 1e16 years (assuming 10,000 crypts per CPU per second).
> Does anybody know where the difference comes from?

Yes, this is very interesting. I believe I know how they are doing this.
They have discovered a nasty little 'secret' in NT that I have been
pursuing for a couple of years now (on and off, without really dedicating
months of time to it though :-).

My guess would be, if you sent them a drive and told them you had lost your
password, it would come back with a different Administrator password than
the one you sent it in with :-).

It works like this. The NT password database in the registry is only as
secure as UNIX shadow passwords (actually, a little less secure as they
don't use salt in their hash technique; it's pure DES for the Lanman
password, and MD4 for the NT password). The 'nasty little secret' is that
the hashed password values are double encrypted (for 'obfuscation purposes'
it says in the NT knowledgebase) in the SAM. I believe this company has
worked out how that double encryption is done, and just overwrites the
hashed password.

My explorations in this area led me to believe that MS use DES in ECB mode
to just encrypt the hash, and that the key is some function of the last RID
component of the user's SID value. I believe this to be the case after doing
various experiments on an NT SAM database: changing user names whilst
keeping the password the same (no change in double-encrypted hash);
assigning the same password to users with the same name but different SIDs
(different double-encrypted hash); assigning the same password to users
with different names, in different domains, but with the same last RID
component of the SID (identical double-encrypted hash).

If anyone has any information on how to derive the DES key from the RID I
would be very glad to know this. It would allow me to do three things I
would dearly love to do.

1). Write a working inetd on NT without needing plaintext passwords.
2). Add the setuid() call (or a variant of it) to Cygwin32.
3). Synchronise Samba smbpassword files with an NT domain, and make this
    part of the Samba distribution.

Any info anyone....... ?

Regards,

Jeremy Allison
j...@cygnus.com