Windows Hash and cracking

Windows Hash and cracking

 

Overview

1.1 hash

Hash is usually translated as "Hash", which is also directly translated as "Hash", that is, input of any length (also called pre- ing, pre-image ), the hash algorithm is used to convert an output with a fixed length. The output is the hash value. This type of conversion is a compression ing, that is, the space of hash values is usually much smaller than the input space, and different inputs may be hashed into the same output, therefore, it is impossible to uniquely determine the input value from the hash value. Simply put, a function compresses messages of any length to a fixed-length message digest.

Introduction to common hash algorithms:

(1) MD4

MD4 (RFC 1320) was designed by MIT's Ronald L. Rivest in 1990. MD is short for Message Digest (Message Digest. It is applicable to high-speed software implementation on 32-bit character-length processors-it is implemented based on 32-bit operations.

(2) MD5

MD5 (RFC 1321) is an improved version of MD4 by Rivest in 1991. It still groups the input in 512 bits, and its output is a cascade of 4 32 bits, which is the same as that of md4. MD5 is more complex than MD4, and the speed is a little slower, but it is safer and better in terms of anti-analysis and anti-difference performance.

(3) SHA-1 and others

SHA1 is designed to be used together with DSA by nist nsa. It generates a hash value with a length of less than 264 for an input with a length of bits. Therefore, SHA1 is resistant to brute force attacks) better performance. SHA-1 is designed based on the same principle as MD4 and imitates this algorithm.

The application of the Hash algorithm in information security is mainly reflected in the following three aspects:

(1) file Verification

We are familiar with the parity and CRC verification algorithms. These two verification algorithms do not have the ability to defend against data tampering. To a certain extent, they can detect and correct channel codes in data transmission, however, it cannot prevent malicious data destruction.

The "digital fingerprint" feature of the MD5 Hash algorithm makes it the most widely used file integrity Checksum algorithm. Many Unix systems provide commands for calculating md5 checksum.

(2) Digital Signature

Hash algorithms are also an important part of modern cryptographic systems. Due to the slow operation speed of asymmetric algorithms, one-way hashing plays an important role in Digital Signature protocols. It can be regarded as equivalent in statistics to digital signature of the file itself. This Protocol also has other advantages.

(3) Authentication Protocol

The following authentication protocol is also called challenge-Authentication Mode: this is a simple and secure method when the transmission channel can be listened but cannot be tampered. The above are some basic preparations for hash and related knowledge.

Windows hash

Windows hash consists of two parts: lm hash & nt hash. The composition of hash in Windows is as follows:

User name: RID: LM-HASH value: NT-HASH Value

2.1 How lm hash is generated in Windows

The lm hash generation rules are as follows:

1. the user's password is limited to a maximum of 14 characters. 2. Convert your password to uppercase. 3. the user's password code in the system uses the OEM internal code page 4. If the password is less than 14 bytes, 0 will be used for completion. 5. A fixed-length password is divided into two 7byte segments. Each part is converted into a bit stream, and 0 is added at the end of a group of 7 bits to form a new encoding 6. The 8byte group obtained in the previous step is used as the DES key as "KGS! @ # $ %. 7. splice the two sets of DES encrypted codes to obtain the final lm hash value.

Example:

· Assume that the plaintext password is "admin". First, convert all the passwords to "ADMIN ",

· Convert the password string in uppercase to a hexadecimal string: 41444D494E

· After the conversion, the hexadecimal string is calculated as only 40 BITs in binary format. To meet the requirements of 14 bytes, we need to complete the binary 0 of 72bits. After the final completion, the hexadecimal value is 41444d494e0000000000000000000000.

· Divide the above Code (41444d494e0000000000000000000000) into two groups of 7 bytes of data:

41444D494E0000

00000000000000

· Convert the hexadecimal format of each 7-byte group to binary. Add 0 at the end of each 7-bit group. Then, convert the hexadecimal format to get the 8-byte encoding of the two groups:

41444D494E0000-> 40A212A894700000

00000000000000-> 0000000000000000

· Use the two groups of codes calculated above as the DES encryption key to pair "KGS! @ # $ % "(Converted to hexadecimal: 4B47532140232425) character, DES encryption, as follows:

40A212A894700000--DES encryption -- F0D412BD764FFE81

Encryption encryption certificate --des encryption -- AAD3B435B51404EE

 

 

· Concatenate two sets of values to obtain the lm hash value:

F0D412BD764FFE81 AAD3B435B51404EE

Verification example:

 

2.2 NTLM Hash Generation Principle in Windows

The LM Hash algorithm designed by IBM has several weaknesses. Microsoft puts forward its own challenge response mechanism while maintaining backward compatibility. NTLM Hash came into being. Assume that the plaintext password is "123456" and is first converted to a Unicode string, which is different from the LM Hash algorithm. This time, you do not need to add 0 to supplement 14 bytes.

"123456"-> 310032003300340035003600.

When converting from an ASCII string to a Unicode string, the little-endian sequence is used. Microsoft did not consider the big-endian sequence, ntoh * (), hton * () when designing the entire SMB protocol *() the function should not be used in SMB Message decoding. The standard ASCII code before 0x80 is converted to Unicode code, that is, it is simply changed from 0x to 0x00. This standard ASCII string is converted to a Unicode string in the order of little-endian, that is, 0 × 00 is simply added after each original byte. Standard MD4 unidirectional hash of the retrieved Unicode string. No matter how many bytes the data source has, MD4 will generate a 128-bit hash value, 16-byte 310032003300340035003600-perform standard MD4 unidirectional Hash-> 32ED87BDB5FDC5E9 CBA88547376818D4, and the final NTLM Hash is obtained.

NTLM Hash: 32ED87BDB5FDC5E9CBA88547376818D4.

Compared with the LM Hash algorithm, the plaintext password is case sensitive and cannot be used to determine whether the original plaintext password is smaller than 8 bytes based on NTLM Hash. The magic string "KGS! @ # $ % ". MD4 is a real one-way hash function. It is difficult to use it as the plaintext of the data source.

The verification is as follows:

 

Start cracking

3.1 capture windows hash

In windows, lm hash and ntlm hash are used separately to encrypt the password, so any HASH can be captured to crack the password, but if both HASH values can be captured, the password decryption success rate will be greatly improved. Many tools are often used to capture windows hash, such as SAMInside and gethash. Individuals prefer to use the SAMinside tool, which not only captures windows hash online, but also imports files such as sam that store windows hash to obtain the hash value.

File Location:

C:\windows\system32\config\SAM

In windows xp and before server2003, all systems including xp & 2003 can capture the complete lm hash & nt hash through tools. In this way, you can directly crack the password through an online deciphering website.

However, the later system can change some settings so that the operating system can store the lm hash value to the SAM file. It is convenient for us to capture.

3.1.1 hash crawling and cracking in xp (omitted)

3.1.2 hash crawling and cracking in win 7

Step 1: import the local user hash Value

 

 

You cannot see the picture clearly. The nt hash of the username nic is: 209C6174DA490CAEB422F3FA5A7AE634

We can see that only the nt hash value can be captured. We can also use the nt hash to crack the windows Password, because lm hash and nt hash are only two different encryption methods, for the same password.

 

You can see that without lm hash, you can break the password. However, with lm hash, there will be more success rates.

However, when the password cannot be decrypted through nt hash, we need to find a way to implement lm hash and change the Local Security Policy settings. The specific steps are as follows:

 

 

 

However, this method is somewhat limited because it takes effect only after the password is changed for the next time. Alas ~

After changing the password, try again:

 

LMHASH: a0a9f8a5b5510ffde72108ef50f76a05

Nt hash: 6097374CDF87C142A7F98798EBF4B402

We first crack each generated HASH:

Lm hash cracking:

 

Only LM is used to crack the attack in upper case and lower case. I don't know where the problem is.

Nt hash cracking: (ps: pay for a longer password)

 

Combination of two swords, lm hash & nt hash cracking:

Input Format: lm hash: nt hash. The correct password is displayed.