Factbites
 Where results make sense

Topic: LM hash



  
  Berkeley Lab Computer Protection Program: Resources   (Site not responding. Last check: 2007-10-21)
Due to this weak algorithm, the problem of cracking a LM hashed password is reduced to cracking one or possibly two 7 character passwords without regard to upper or lower case.
The goal of this effort is to eliminate the storage of LM hash at Berkeley Lab.
Unfortunately, as the policy states, changing this security policy setting does not immediately remove the LM hash, instead a password change is needed to remove the LM hash.
www.lbl.gov /icsd/security/systems/lanman.html   (1211 words)

  
  LM hash - Wikipedia, the free encyclopedia
LM hash or LAN Manager hash is one of the formats that Microsoft LAN Manager and Microsoft Windows use to store Windows user passwords that are less than 15 characters long.
Although it is based on DES, a reasonably secure hash function, the LM hash can easily be cracked due to two weaknesses in its implementation.
Because LM hash does not include salt, a time-memory trade-off cryptanalysis attack is also feasible.
en.wikipedia.org /wiki/LM_hash   (514 words)

  
 LM_hash
LM hash or LAN Manager hash is one of the formats that Microsoft LAN Manager and Microsoft Windows use to store Windows user passwords that are less than 15 characters in length.
This type of hash was the only type of encryption used in Microsoft LAN Manager (hence the name) and early versions of Windows (up to Windows Me) and is still supported in recent versions for backward compatibility.
Although it is based on a reasonably secure hash function (DES, derived from the block cipher DES), the LM hash can easily be cracked because of two weaknesses in the way it is implemented.
www.brainyencyclopedia.com /encyclopedia/l/lm/lm_hash.html   (499 words)

  
 Software Analysis
The hashed password from the client was compared with the hash of the same password in the server's database.
The LM hash is based upon a relatively weak algorithm which divides a password into seven-character segments.
Although both NTLMv2 and W2k Kerberos remove the LM hash from the network authentication exchange, it is still retained as part of the local password database located in the SAM file on NT/W2K machines and/or in the Active Directory on W2k domain controllers.
www.unc.edu /~smithdr/inls187/sr.html   (2120 words)

  
 Valery's blog - Passwords. Part I - LM Hash   (Site not responding. Last check: 2007-10-21)
So, if someone decides to brute force search the password from LM Hash, all he/she needs is to search for two 7 bytes halves of the password (independently from each other) which is much easier task than to brute force one single 14 bytes password.
LM Hash even further reduces entropy of DES keys generated from the passwords by converting them to upper case.
The simplest way of avoiding LM Hash to be stored in SAM is to use password that is longer than 14 characters and/or containing characters not convertible to LM Hash character set.
www.harper.no /valery/PermaLink,guid,8cb9ada6-0f04-4ce0-a1b5-5b9a5f295df5.aspx   (1542 words)

  
 Mac OS X password hashes - MacShadows KB
A hash function is an algorithm which, in essence, produces a digital 'fingerprint' of a set length (typically expressed in bits) completely unique to the data input to the function.
A hash algorithm is considered cryptographically secure if there is no way to replicate the output of the hash function other than either inputting the original input, or doing a brute force search of the keyspace of the hash function.
Apple also salted the SHA1 hashes with a 32 bit salt, which is prefixed to the hash, and if you upgraded from Panther, it creates a 'compatibility' hash from your previous SHA1 password hash.
www.macshadows.com /kb/index.php?title=Mac_OS_X_password_hashes   (1403 words)

  
 STAT® Security Threat Avoidance Technology   (Site not responding. Last check: 2007-10-21)
One form is an "NT hash" form that is used to authenticate users on Windows NT clients, and the other is an "LM hash" form that is used to authenticate users on Windows 95, Windows 98, Windows Me, DOS, Windows 3.1, Windows for Workgroups, OS/2, and Macintosh.
The first 8 bytes of the LM hash are derived from the first 7 characters of the password.
The hash is encrypted with DES by using the computer's Relative ID (RID) as the crypt key.
www.statonline.com /technologies/sec_articles/ntpassword.asp   (1149 words)

  
 Robert Hensing's Blog : Hak5 produces 120GB LM hash rainbow table - complete charset!!!
So the Hak5 folks have produced complete hash tables for the LM version of the password hash used by Windows and the tables are good for all valid characters that can be used in an LM password for the 1-7 password length.
The "1-7 characters" part might make it sound like your hash is safe if it's of a password that is 11 characters long, BUT (as you may or may not know) you only need 1-7 length tables to crack 1-14 character length LM password hashes because of errm.
You have to obviously pay to play with those hash tables and they are largely incomplete (for the NT hashes).
blogs.technet.com /robert_hensing/archive/2007/01/16/hak5-produces-120gb-lm-hash-rainbow-table-complete-charset.aspx   (329 words)

  
 The NTLM Authentication Protocol and Security Support Provider
Note that unlike Unix password hashes, the LM and NTLM hash are password-equivalents in the context of the response calculations; they must be protected, as they can be used to authenticate users across the network even without knowledge of the actual password itself.
The 16-byte LM hash is null-padded to 21 bytes.
The 16-byte NTLM hash is null-padded to 21 bytes.
davenport.sourceforge.net /ntlm.html   (13397 words)

  
 Frequently Asked Questions About Passwords -- TechNet Column - Security Management - October 2005
Hashes are useful, for example, as a checksum to verify that data has not been modified in transmission.
A cryptographic hash must, for instance, be created in such a way that it is mathematically infeasible in a reasonable amount of time to infer the larger set of data from only the hash.
Although the LM OWF is not actually a hash, its output is commonly called the "LM hash" since the NT OWF generates the "NT hash." For the sake of simplicity, I will use the term "hash" to denote each of these, even though hash is not always correct.
www.microsoft.com /technet/community/columns/secmgmt/sm1005.mspx   (7690 words)

  
 J!NX Forums - LM Hash Database
Peter Clark writes "Disk storage has increased tremendously in the past 5 years and the blatant insecurities in the antiquated LM hashing technique have not gone away; though functionality has been added to disable LM hashes, this is not set by default.
With some help from Elcomsoft, simple flat files have been created that hold every combination of LM hash for letters only passwords.
Simply telnet to: beginningtoseethelight.no-ip.org on port 2501 and paste in a LM hash.
www.jinx.com /forum/topic.asp?TOPIC_ID=14508   (178 words)

  
 DooDeeToo - how to do it   (Site not responding. Last check: 2007-10-21)
The LM hash is not case-sensitive, that is, it does not distinguish between lowercase and uppercase letters in the password.
The NTLM hash is case-sensitive and does not split the password into 7-character groups.
LM hash: If we want to guess the password, we must consider all 7-element combinations (to solve the first part of the password) from a set of 26 + 10 + 33 = 69 characters (lowercase and uppercase letters are not distinguished).
doodeetoo.ziak.sk /akonato.php?tema=bezp-NoLMHash   (469 words)

  
 RFC 2548 - Microsoft Vendor-specific RADIUS Attributes
The encrypted Windows NT password is 516 octets in length; since this is longer than the maximum length of a RADIUS attribute, the password must be split into several attributes for transmission.
NT-Response The NT-Response field is 24 octets in length and holds an encoded function of the new password, the Peer-Challenge field and the received challenge.
The LM-Key is eight octets in length and contains the first eight bytes of the output of the function LmPasswordHash(P, This hash is constructed as follows: let the plain-text password be represented by P. The NT-Key sub-field is sixteen octets in length and contains the first sixteen octets of the hashed Windows NT password.
members.tripod.com /rfc_archive/rfc_2548.html   (7782 words)

  
 Dave Dribin's blog: How Mac OS X Implements Password Authentication, Part 2
That's correct: passwords are not shadowed and it uses the same hashing algorithm used in AT&T Unix Version 7, which was released in 1979.
It turns out this string of 104 characters is the password hashed twice: once with SHA1, and again with Windows LM hash, often called LANMAN.
The fact the passwords are also hashed with LANMAN is a far worse problem.
www.dribin.org /dave/blog/archives/2006/04/28/os_x_passwords_2   (1362 words)

  
 Protect Against Weak Authentication Protocols and Passwords   (Site not responding. Last check: 2007-10-21)
Since the hash is already known, the tool only needs to do a comparison of the hash table to the password hash from the operating system.
By default the LM and NTLM password hashes are sent across the network during authentication.
The LM and NTLM hashes are generated by all computers by default to support backward compatibility, even if there are no computers on the network that require LM or NTLM hashes.
www.windowsecurity.com /pages/article_p.asp?id=1380   (2294 words)

  
 Sunbelt TECH BRIEFING
One form is an "NT hash" form that is used to authenticate users on Windows NT clients, and the other is an "LM hash" form that is used to authenticate users on Windows 95, Windows 98, DOS, 3.1, Windows for Workgroups, OS/2, and Macintosh.
The first 8 bytes of the LM hash are derived from the first 7 chars of the password.
For example, if the second half of the password (the last 3 chars of a 10-character password) is cracked and ends in 789, then it is a safe assumption that the previous password chars may be 123456.
www.stratvantage.com /security/ntpass.htm   (979 words)

  
 NT Password Length -- The LM Hash Factor
Like the weakest link in a chain, it is the weaknesses of LM Hash format that causes the strength of entire system to collapse.
The justification for the LM Hash format is backward compatibility with legacy versions of the Microsoft Windows® network-enabled operating systems, going back to LAN Manager® and Windows for Workgroups®, which used the LM hash authentication scheme for LAN Manager (LANMAN) clients.
The second weakness of the LM Hash scheme is an even greater one, however, because of the method used to prepare the password for encryption.
www.thebitmill.com /articles/nt_password.html   (965 words)

  
 About Windows passwords
The LM hash is relatively weak compared to the NTLM hash, but it is needed for backward compatibility with Windows 9x clients, and used, typically, to authorize remote connection to a given machine.
To generate the LM hash, the system converts the password from UNICODE to ANSI (one byte per character), and translates all characters into uppercase.
So, if your system uses LM authentication (and so LM hashes are available), the real password length (complexity) is just 7 characters, and the 14-character password is not much stronger than one of 7 characters.
www.elcomsoft.com /help/ppa/about_windows_passwords.htm   (300 words)

  
 How to prevent Windows from storing a LAN manager hash of your password in Active Directory and local SAM databases   (Site not responding. Last check: 2007-10-21)
Users without an LM hash will not be able to connect to a Windows 95-based computer or a Windows 98-based computer that is acting as a server unless the Directory Services Client for Windows 95 and Windows 98 is installed on the server.
This registry key prevents new LM hashes from being created on Windows 2000-based computers, but it does not clear the history of previous LM hashes that are stored.
The simplest way to prevent Windows from storing an LM hash of your password is to use a password that is at least 15 characters long.
support.microsoft.com /default.aspx?scid=KB;EN-US;q299656&   (1265 words)

  
 Valery's blog - Passwords. Part I - LM Hash   (Site not responding. Last check: 2007-10-21)
Instead, the passwords are encrypted with the LAN Manager one-way function (OWF), which is formed by converting the password to uppercase characters, breaking the 14-character password into 7-character halves, adding padding for passwords with less than 14 characters, and encrypting a constant with the 7-character halves by using the DES encryption algorithm.
Unlike LM passwords, NTLM passwords are based on the Unicode character set, are case sensitive, and can be up to 128 characters long.
Another difference between NTLM and LM is that NTLM passwords are not broken into smaller pieces before having their hash algorithm computed.
www.harper.no /valery/CommentView,guid,8cb9ada6-0f04-4ce0-a1b5-5b9a5f295df5.aspx   (2376 words)

  
 Project RainbowCrack
One interesting stuff among them is the lm #6 table, with which we can break any windows password up to 14 characters in a few minutes.
"lm" table can be used to break windows password.
The rcrack.exe program in rainbowcrack can do the work of case correction with the help of ntlm hash if we are processing the hash file in pwdump format.
www.antsight.com /zsl/rainbowcrack   (734 words)

  
 Password cracking methods
Once the password hashes are obtained, the Hash type field shows either LM+NTLM (which means that both LM and NTLM hashes are present), or NTLM (if LM hash is not available); see About Windows passwords for explanation.
So you can complete a full LM attack (for all 14-character passwords) in a very reasonable time – from a few minutes and up to a few days, depending on the selected character set and the speed of your CPU.
Because of the weak implementation of password hashing (Windows does not add random characters to the password before calculating its hash), it takes almost the same time to try the same password for 2 users, or for 100 users, or even as many as 10,000 users.
www.elcomsoft.com /help/ppa/password_cracking_methods.htm   (395 words)

  
 L0phtcrack 1.5 Lanman / NT password hash cracker
MS agrees that the LM hash is a horrible implementation from a security standpoint.
MS keeps talking about the NT hash being so secure while refusing to talk about how weak the LM hash is. Guess what, you probably won't be able to use the "added security" of the NT hash on your network.
The LM hash is incredibly weak and your more secure NT hash is brought down to the lowest common denominator.
insecure.org /sploits/l0phtcrack.lanman.problems.html   (3236 words)

  
 Valery's blog - Saturday, 31 July 2004   (Site not responding. Last check: 2007-10-21)
Scheme is simple – password is hashed with MD4 algorithm and stored in SAM database and (for domain users) in Active directory (unicodePwd write-only attribute of User class).
Cryptographic hash functions or message digest algorithms are functions that map plain text of arbitrary length into a fixed length result.
It uses 8 characters of the password (provided characters belong to 7-bit character set) whereas LM Hash uses two 7-character halves of the password (former is stronger than latter).
www.harper.no /valery/default,date,2004-07-31.aspx   (7964 words)

Copyright © 2005-2007 www.factbites.com Usage implies agreement with terms.