Waraxe IT Security Portal
Login or Register
December 1, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 54
Members: 0
Total: 54
Full disclosure
SEC Consult SA-20241127-0 :: Stored Cross-Site Scripting in Omada Identity (CVE-2024-52951)
SEC Consult SA-20241125-0 :: Unlocked JTAG interface and buffer overflow in Siemens SM-2558 Protocol Element, Siemens CP-2016 & CP-2019
Re: Local Privilege Escalations in needrestart
APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1
Local Privilege Escalations in needrestart
APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2
APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1
APPLE-SA-11-19-2024-2 visionOS 2.1.1
APPLE-SA-11-19-2024-1 Safari 18.1.1
Reflected XSS - fronsetiav1.1
XXE OOB - fronsetiav1.1
St. Poelten UAS | Path Traversal in Korenix JetPort 5601
St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro
Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionO S/watchOS)
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> General discussion -> NTLM And LM Algoritm
Post new topicReply to topic View previous topic :: View next topic
NTLM And LM Algoritm
PostPosted: Wed Feb 22, 2006 12:10 pm Reply with quote
outlawsys
Regular user
Regular user
Joined: Jun 11, 2005
Posts: 12




Hi Everyone,
I created NTLM Rainbow Table to crack WinXP's Admin Password.But I want to ask that whch algoritm use WinXP?
I searched the web and i found
NT based(2000,2003,XP uses NTLM Algoritm)
9x(95-98-Me uses LM Algoritm)

Is it True?

And windowsXP recover hash in system32/config/SAM file?
View user's profile Send private message
PostPosted: Wed Mar 01, 2006 3:33 pm Reply with quote
slimjim100
Valuable expert
Valuable expert
Joined: Jun 09, 2004
Posts: 208
Location: USA




outlawsys,

THe type of hash depends on the version of windows and how the OS is setup. XP still can use a LM hash for passwords if the network has any older systems on it. The best way to get the hashes is... Cain & Able, PWDUMP3, Sam inside, & many other programs.

Slimjim100

_________________
www.anti-hacker.info
View user's profile Send private message Send e-mail Visit poster's website Yahoo Messenger MSN Messenger
PostPosted: Mon Mar 06, 2006 3:47 pm Reply with quote
y3dips
Valuable expert
Valuable expert
Joined: Feb 25, 2005
Posts: 281
Location: Indonesia




yes u can find the password file at C:\WINDOWS\system32\config

i used to crack with john using a dictionary, u can use pwdump for getting the hash on windows or samdump (with bkhive) on linux

_________________
IO::y3dips->new(http://clog.ammar.web.id);
View user's profile Send private message Visit poster's website Yahoo Messenger
PostPosted: Sun Mar 26, 2006 9:43 pm Reply with quote
outlawsys
Regular user
Regular user
Joined: Jun 11, 2005
Posts: 12




But pwdump dont works without administrator groups users.
It want admin rights .But i want a program when i login a normal user it gives me all hashes.Is there a program like this?
View user's profile Send private message
PostPosted: Fri Mar 31, 2006 12:36 am Reply with quote
ToXiC
Moderator
Moderator
Joined: Dec 01, 2004
Posts: 181
Location: Cyprus




outlawsys wrote:
But pwdump dont works without administrator groups users.
It want admin rights .But i want a program when i login a normal user it gives me all hashes.Is there a program like this?


cain and abel i think . but it depents on your windows system or if you are connected to a network it may be like lm + ntlm +challenge ...

in any way is a great tool .. a must have.

ToX

_________________
who|grep -i blonde|talk; cd~;wine;talk;touch;unzip;touch; strip;gasp;finger;gasp;mount; fsck; more; yes; gasp; umount; make clean; sleep;wakeup;goto http://www.md5this.com
View user's profile Send private message Visit poster's website MSN Messenger
PostPosted: Fri Mar 31, 2006 1:37 am Reply with quote
slimjim100
Valuable expert
Valuable expert
Joined: Jun 09, 2004
Posts: 208
Location: USA




outlawsys,

ToXic is correct in that Cain & Able can sniff and capture the LM + Challenge hash. To do this you will need to ARP Poison the subnet and sniff for the hashes. Once you have one you can sent it to the cracker in Cain and then brutforce it or use dictionary. If you need more info on this I have wrote a paper on it here:
http://www.middlegeorgia.org/default.asp?id=44&mnu=44
http://www.middlegeorgia.org/default.asp?id=45&mnu=45
http://www.middlegeorgia.org/default.asp?id=54&mnu=54

Read the papers and e-mail me if you have any other questions on using Cain.

Slimjim100

_________________
www.anti-hacker.info
View user's profile Send private message Send e-mail Visit poster's website Yahoo Messenger MSN Messenger
PostPosted: Fri Mar 31, 2006 7:45 pm Reply with quote
Vixje
Active user
Active user
Joined: Mar 25, 2006
Posts: 35




Hmm cool, i didnt know that really worked with ca&able, I always use ettercap for it. Im gonna download your manuals, thnx
View user's profile Send private message
PostPosted: Fri Mar 31, 2006 11:29 pm Reply with quote
slimjim100
Valuable expert
Valuable expert
Joined: Jun 09, 2004
Posts: 208
Location: USA




Edit.... I removed this post because it was off subject.

Sorry to bother any of you guys/gals Razz

Slimjim100


Last edited by slimjim100 on Mon Apr 17, 2006 6:50 pm; edited 1 time in total

_________________
www.anti-hacker.info
View user's profile Send private message Send e-mail Visit poster's website Yahoo Messenger MSN Messenger
PostPosted: Sat Apr 01, 2006 1:39 pm Reply with quote
Vixje
Active user
Active user
Joined: Mar 25, 2006
Posts: 35




Hi slimjim,

I would really want to help out, but i really dont like having googles toolbar in my vision haha Wink You might wanna get yourself a "donate via paypal" button so the people can help you out, I'm more than willing too do so.

Also let me know if I can help you with any hosting services.

Regards
View user's profile Send private message
NTLM And LM Algoritm
www.waraxe.us Forum Index -> General discussion
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.047 Seconds