NT hash vs. LM hash


Post by 127.0.0.1 » Sun Aug 22, 2004 10:28 pm

Some of you may already know this, but for those who don't, I thought this was a good thing to know. Because computer security is such a big issue today, and passwords are such a key ingredient to this, I thought I would inform everyone about the NT hash next to the LM hash. Passwords that are secured with the NT hash rather than the LM hash are so much more secure. I mean, if you had NT hash enabled and someone gained physical access to your box, they couldn't just boot up with some 3rd party app and reset your admin password to gain access to your computer like they could if you had LM hash enabled instead of NT hash enabled. Sure, I know a person could still hack your pass, but that would be so much harder with NT hash compared to LM hash, and before they could go about cracking the password (if you had NT hash) they would have to get their hands on your SAM file first. Whereas if you didn't have NT hash enabled and only had LM hash, someone could just simply reset your password and gain access to your computer. So here's the registry key to enable NT hash:
(NOTE: NT hash is not enabled by default in Windows XP!)

\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

Once in the Lsa directory, add a new binary value (if not already there) called 'nolmhash', then set 'nolmhash' to 1 to enable it and 0 to disable it.

Also, if anyone is wondering what third party app to use to reset someone's password (NOTE: again, this tool only works if nolmhash is set to 0 in the registry), here's the link: http://home.eunet.no/~pnordahl/ntpasswd/
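
A defender-side check for the setting described in the post above, added here as an example and not part of the original thread: it reads the text of a regedit export of the Lsa key and reports whether `nolmhash` is set. The function name, status strings and sample export are constructed for illustration; treating only a DWORD of 1 as enabled follows Microsoft's documentation of this value and is an assumption relative to the post.

```python
import re

LSA_KEY = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa"

# Constructed sample of a regedit export, already decoded to text.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"limitblankpassworduse"=dword:00000001
"nolmhash"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data]
'''


def audit_nolmhash(reg_text):
    """Return 'enabled', 'disabled', 'unexpected' or 'missing' for the
    nolmhash value directly under the Lsa key in a regedit export."""
    in_lsa = False
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            # Section header: only the Lsa key itself counts, not its subkeys.
            in_lsa = line.strip("[]").lower() == LSA_KEY.lower()
            continue
        if not in_lsa:
            continue
        m = re.match(r'"([^"]+)"\s*=\s*(.+)$', line)
        # Registry value names are case-insensitive.
        if not m or m.group(1).lower() != "nolmhash":
            continue
        dword = re.fullmatch(r"dword:([0-9a-f]{8})", m.group(2).strip().lower())
        if not dword:
            return "unexpected"  # present, but not a DWORD (e.g. hex: binary data)
        value = int(dword.group(1), 16)
        if value == 1:
            return "enabled"
        return "disabled" if value == 0 else "unexpected"
    return "missing"


if __name__ == "__main__":
    print(audit_nolmhash(SAMPLE_EXPORT))
```

Per Microsoft's guidance for this setting, an LM hash already stored for an account is only dropped when that account's password is next changed.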

Post by CyberAcharya » Tue Aug 24, 2004 1:18 am

But there is software which can still crack the password even if the NT hash is enabled.

Post by 127.0.0.1 » Tue Aug 24, 2004 9:26 pm

CyberAcharya wrote: But there is software which can still crack the password even if the NT hash is enabled.

I said in my 1st post that there were still ways to get around NT hash. I was just making a point that NT hash is SO MUCH MORE SECURE than LM hash. In fact, just to prove that I already knew that, I'll tell YOU how to get around NT hash.

Boot with some type of software that gives you reading and writing permissions on the target drive. I will use Knoppix STD for this.

Boot with Knoppix STD off of a CD-R (or other media), then once booted to a Linux shell navigate to the SAM file and once found save it to something such as a USB thumbdrive. Boot back into Windows, run a utility called Saminside (or something similar) to decrypt the SAM file. Then run a password cracker such as LC4, run the brute force attack, then once LC4 is done cracking, the password will be displayed. (Sounds short but it's a lot of work, cracking takes FOREVER!!)...trust me I know this method works!! :twisted:

See, I was just saying with NT hash you would be forced to go through all these steps (to crack the target password), which would discourage most people from taking the time. Whereas if you had LM they could just use a simple utility to reset your password. My whole point of this topic was to show people how much more secure NT hash is compared to LM hash. Of course I knew there's still ways around NT hash encryption, who do you take me for? What's even more unbelievable about this whole thing is the fact that I stated in my first post how NT hash is so much more secure than LM hash, BUT I never said there was no way around its encryption.

**BOTTOM LINE** Switch to NT hash!! :wink: