Ntlmv2 Storage

Articles Metasploit Framework Windows Tutorial Remote Desktop Connection Windows Processes That May Be Dangerous How-To use NetCat a Tutorial Common Linux Commands Common Ports Netcat Commands HTTP Response Codes War-Google Hack Terms Wardriving Avoiding Social Engineering and Phishing Attacks Intrusion Detection on Linux Linux Intrusion Detection Penetration Testing Guide Penetration Testing Tools Social Engineering Fundamentals, Part I: Hacker Tactics Social engineering (computer security) The Psychology of Social Engineering The Archives General GSO GovernmentSecurity.org News & Suggestions In The News Open Topic General Security Information Trash Can Exploit & Vulnerability Mailing List Archives Trial Member Forum Product and Program Reviews GSO Tutorials System Security Windows Systems Beginners Section Linux & Unix Systems File Downloads Exploit Research & Discussion Trojan & Virus Errata Networking Security / Firewall / IDS / VPN / Routers System Hardening E-Mail Security Wifi Security Trial Member Uploads Upload discovered Trojans & Mal ware GSO Programming Section C , C++ , VC++ Visual Basic .NET Perl /CGI Java/Javascript PHP/XML/ASP/HTML Assembly + Other The Cork Board Network Security Consultant Directory Network Security Jobs The Archives Encryption Information General Network Security Internet Anonymity HTTP Protocol Security Linux Security MS IIS Information Exploit Articles Programming / Tool Design GSO Software Projects Public Downloads Microsoft Security Questions and Papers		Help - Search - Member List - Calendar Full Version: Ntlmv2 Storage GovernmentSecurity.org > System Security > Windows Systems maartenh Aug 12 2005, 02:13 PM In September 2004, there was a thread that included rainbow cracking of NTLMv2 ========================================== 1)"There is a plug-in for Rainbow Crack that allows you to make NTLMv2 hash tables" How is this possible, since NTLMv2 makes use of challenge code and user/workgroupname to calculate the passwordhash? ========================================== I was wondering if anyone knows the answer on this last question: how is creating rainbow tables possible, when the hash not only depends on the password, but also on variables such as the username and domain. Another question: Does anyone here knows if NTLMv2 hashes are stored in the Windows registry / SAM and retrievable with local admin privileges? They only storage items I know are LM and NTLM. Since NTLMv2 depends on the NTLM hash as well, I was starting to think that maybe the NTLMv2 hash is generated on the fly upon an authentication request from a client and is only used for safe network transportation. But as this is just guesswork: anyone here knows how this works??? Maarten plinius Aug 13 2005, 05:16 PM QUOTE There is a plug-in for Rainbow Crack that allows you to make NTLMv2 hash tables ->there isn't such a plug-in. QUOTE starting to think that maybe the NTLMv2 hash is generated on the fly upon an authentication request from a client and is only used for safe network transportation. indeed. It goes as follows: 1/ Client requests connection 2/ server sends challenge code 3/ client send NTLMv2 hash (function of: Username, domainname, serverchallengecode,clientchallengecode,and, of course, the password ). see here: http://www.blackhat.com/presentations/win-...ty-winsec02.ppt (watch out: in the slideshow they make no difference between LMv2 and NTLMv2 , if I remember correct...) This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here. Invision Power Board © 2001-2005 Invision Power Services, Inc.