Free Rainbow Tables | Forum

Home of the Distributed Generator and Cracker

All times are UTC + 1 hour [ DST ]




Posted: 08 Apr 2012, 21:17
NOTE: forgive me if this topic sounds a little off from the traditional discussion carried on this website.

I want to assure the compliance of password policy in my office.

Environment Intro: My environment is all Windows based (Server 2003/2008); user strength is not more than 400 employees. Nearly 90% of all users have the Windows XP O/S installed on their machines; the other 10% population is divided between the Vista and Windows 7 operating systems. The maximum strength for passwords is limited to 10 characters.

Problem statement: I want to know the easiest, fastest and most reliable way of enumerating Windows user accounts. I have downloaded and gone through the use of many password auditing tools (L0phtCrack, ophcrack, SAMInside).

Objectives: I want an approach which enables me to enumerate the user accounts by logging into the domain controller, without having to go to each individual machine and then run the software. That activity just creates unnecessary administrative workload. Additionally, I need software that doesn't require booting into an alternate OS (as in the case of ophcrack); doing so would affect the performance of the users and also becomes annoying.

I want to make use of rainbow tables. The specs handed to me are not enough for me to carry out an exhaustive brute-force attack in the time that is given to me by the senior management to complete the task.

However, I have no issue regarding storage: I can dedicate as much as 1 TB for storing rainbow tables. I would appreciate it if you guys could provide me with a suitable link and guide me about the things I should consider before downloading such large files for my use.

Let me re-explain. I want to check the password strength of Windows users, not standalone ones but those connected to the Windows environment. I also want to incorporate the use of rainbow tables in the exercise. How can I do this task with the information provided above?

Thank you.


Posted: 08 Apr 2012, 21:24
1T isn't much space...the complete windows lm and ntlm sets:
373G lm
2.7T ntlm

I'm sure tittentei has great advice and has given advice for windows AD auditing in other threads here before.


Posted: 10 Apr 2012, 02:49
quel wrote:
1T isn't much space...the complete windows lm and ntlm sets:
373G lm
2.7T ntlm

I'm sure tittentei has great advice and has given advice for windows AD auditing in other threads here before.

Thank you for answering me and taking me to the discussion made by tittentei on his NTLM/LM performance. Space is not much of an issue for me as I'm planning to buy the whole NTLM/LM hashes set from the website.

However, I would appreciate it if you could briefly explain to me the exact difference between LM and NTLM hashes. I know that NTLM hashes add their challenge as a salt to increase complexity. But in terms of rainbow tables and in hash cracking terms, what is the real difference? I want to know.


Posted: 23 Jul 2012, 01:58
lazereyes wrote:
quel wrote:
1T isn't much space...the complete windows lm and ntlm sets:
373G lm
2.7T ntlm

I'm sure tittentei has great advice and has given advice for windows AD auditing in other threads here before.

Thank you for answering me and taking me to the discussion made by tittentei on his NTLM/LM performance. Space is not much of an issue for me as I'm planning to buy the whole NTLM/LM hashes set from the website.

However, I would appreciate it if you could briefly explain to me the exact difference between LM and NTLM hashes. I know that NTLM hashes add their challenge as a salt to increase complexity. But in terms of rainbow tables and in hash cracking terms, what is the real difference? I want to know.


LM is case insensitive and split into two 7-character halves and is *very* fast to attack since the longest length you ever have to deal with is 7. The best way to ensure LM hashes are not stored is to use a password of length >= 15.

NT on disk does not have a challenge or salt and is UCS-2LE encoded (UTF-16LE) and then the MD4 of that is stored. It properly obeys case and there are no shortcuts regarding it being split in half. If you have the pair then rcracki_mt can be fed the hashes and attack the LM and use the NT to do case correction/unicode correction for the full answer.

I don't have a good quantification of speed off the top of my head but while it is trivial to break almost all LMs (mixed case, numbers, symbols), NT hashes take much longer to attack by any means and while we have tables for mixed case, numbers, and symbols through length 8, no such tables exist for length 9. We have a number of tables that go past length 8 but these are not full coverage of all 4 character groups.
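
An added example, not part of the original post: a policy check that uses only the two structural properties described above (LM is two independent 7-character halves; NT hashes are unsalted) to flag weak accounts without cracking anything. The pwdump-style line layout, the account names, and the function names are assumptions, and the sample hash values are constructed.

```python
from collections import defaultdict

# Well-known constants: LM value of an empty 7-character half, NT hash of an empty password.
LM_EMPTY_HALF = "aad3b435b51404ee"
NT_EMPTY = "31d6cfe0d16ae931b73c59d7e0c089c0"

# Constructed sample in pwdump layout (user:rid:LM:NT:::). Apart from the two
# constants above, the hex values are made up and are not real hashes.
SAMPLE = """\
alice:1001:0f1e2d3c4b5a6978aad3b435b51404ee:11111111111111111111111111111111:::
bob:1002:8877665544332211a1b2c3d4e5f60718:22222222222222222222222222222222:::
carol:1003:aad3b435b51404eeaad3b435b51404ee:22222222222222222222222222222222:::
dave:1004:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
"""

def is_hash(value):
    """True for a 32-digit hex string (one 16-byte hash)."""
    return len(value) == 32 and all(c in "0123456789abcdef" for c in value)

def parse(text):
    """Yield (user, lm, nt) per account, skipping lines without a valid NT hash."""
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) >= 4 and is_hash(parts[3].lower()):
            yield parts[0], parts[2].lower(), parts[3].lower()

def audit(text):
    """Return {user: [findings]} from hash structure alone, without cracking."""
    findings, by_nt = {}, defaultdict(list)
    for user, lm, nt in parse(text):
        notes = findings.setdefault(user, [])
        if nt == NT_EMPTY:
            notes.append("blank password")
            continue
        by_nt[nt].append(user)
        # LM is two independent 7-character halves; an all-empty value means not stored.
        if is_hash(lm) and lm != LM_EMPTY_HALF * 2:
            notes.append("LM hash stored")
            if lm[16:] == LM_EMPTY_HALF:
                notes.append("password is 7 characters or fewer")
    # NT hashes are unsalted, so equal hashes mean equal passwords.
    for users in by_nt.values():
        for user in users if len(users) > 1 else []:
            others = ", ".join(u for u in users if u != user)
            findings[user].append("same password as " + others)
    return findings

if __name__ == "__main__":
    for user, notes in audit(SAMPLE).items():
        print(user, "->", notes or ["no structural findings"])
```
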

