Windows NT/NTLM Encryption

Source: Internet
Author: User

A hash (also called a digest) takes an input of arbitrary length (the pre-image) and, through a hash algorithm, transforms it into a fixed-length output, the hash value. This transformation is a compression mapping: the space of hash values is usually much smaller than the input space, so different inputs may hash to the same output, and the input cannot be uniquely determined from the hash value. Put simply, a hash function compresses a message of any length into a message digest of fixed length.

First, MD5 and SHA1 are probably the most widely used hash algorithms, and both are based on the MD4 design. What do they mean? A quick word on each:

(1) MD4

MD4 (RFC 1320) was designed by Ronald L. Rivest of MIT in 1990; MD is the abbreviation for Message Digest. It is implemented as high-speed software on 32-bit processors and is built on bit operations over 32-bit operands.

(2) MD5

MD5 (RFC 1321) is Rivest's 1991 improved version of MD4. The input is still processed in 512-bit blocks and the output is the concatenation of four 32-bit words, the same as MD4. MD5 is more complex than MD4 and slower, but safer, performing better in resistance to analysis and to differential attacks.

(3) SHA1 and others

SHA1 was designed by NIST together with the NSA for use with the DSA. It produces a 160-bit hash value for inputs shorter than 2^64 bits, which gives better resistance to brute force. The SHA-1 design is based on the same principles as MD4 and imitates that algorithm.

Second, the password hash format under Windows

The password hash format under Windows is: username:RID:LM-hash:NT-hash:::, for example:

administrator:500:C8825DB10F2590EAAAD3B435B51404EE:683020925C5D8569C23AA724774CE6CC:::

which indicates:

User name: Administrator
RID: 500
LM hash: C8825db10f2590eaaad3b435b51404ee
NT hash: 683020925c5d8569c23aa724774ce6cc

(1) How the LM hash is generated under Windows

Assume the plaintext password is "Welcome". First convert it entirely to uppercase, "WELCOME", then convert the uppercase string into its hexadecimal byte string: "WELCOME" becomes 57454c434f4d4500000000000000

Tip: you can paste the plaintext password into the UltraEdit editor and switch to the hex (binary) view to read off the bytes of the password.

Note: if the uppercase password is shorter than 14 bytes, it is padded with 0x00 to 14 bytes. The 14 bytes are then cut into two groups of 7 bytes, and each group is passed through the str_to_key() function to obtain an 8-byte DES key:

57454c434f4d45 -str_to_key()-> 56a25288347a348a
00000000000000 -str_to_key()-> 0000000000000000

These two 8-byte values are used as DES keys to encrypt the magic string "KGS!@#$%" with standard DES:

"KGS!@#$%" = 4b47532140232425

56a25288347a348a -standard DES encryption of 4b47532140232425-> c23413a8a1e7665f

0000000000000000 -standard DES encryption of 4b47532140232425-> aad3b435b51404ee

Simply concatenating the two encrypted results gives the final LM hash:

LM Hash:c23413a8a1e7665faad3b435b51404ee
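As an added example (not code from the original article), the LM pre-processing described above in Python: uppercasing, padding to 14 bytes, splitting into two 7-byte halves and expanding each with str_to_key(); it also parses the pwdump-style username:RID:LM:NT::: line from the previous section and reads what the two LM halves reveal. DES is not in the Python standard library, so the two DES encryptions of "KGS!@#$%" are not performed here; the result for the all-zero key, aad3b435b51404ee, is the value given in the article.

```python
# Added example, not from the original article. The two DES encryptions of
# "KGS!@#$%" are not performed (DES is not in the standard library); the value
# aad3b435b51404ee for the all-zero key is the one given in the article.
LM_MAGIC = b"KGS!@#$%"            # 4b47532140232425
EMPTY_HALF = "aad3b435b51404ee"   # DES(key=0000000000000000, LM_MAGIC)

def lm_prepare(password: str) -> bytes:
    """Uppercase, truncate to 14 bytes, right-pad with 0x00 to exactly 14 bytes
    (ASCII passwords assumed)."""
    raw = password.upper().encode("ascii")[:14]
    return raw.ljust(14, b"\x00")

def str_to_key(seven: bytes) -> bytes:
    """Spread 56 key bits over 8 DES key bytes: 7 input bits per byte in the
    high positions, parity bit (LSB) left 0, as the article's 56a25288347a348a shows."""
    if len(seven) != 7:
        raise ValueError("str_to_key expects 7 bytes")
    bits = int.from_bytes(seven, "big")
    return bytes(((bits >> (49 - 7 * i)) & 0x7F) << 1 for i in range(8))

def lm_des_keys(password: str) -> tuple:
    """The two DES keys that, applied to LM_MAGIC, give the two LM hash halves."""
    p = lm_prepare(password)
    return str_to_key(p[:7]), str_to_key(p[7:])

def parse_pwdump_line(line: str) -> dict:
    """Split a 'user:rid:lm:nt:::' record into its fields."""
    user, rid, lm, nt = line.strip().split(":")[:4]
    return {"user": user, "rid": int(rid), "lm": lm.lower(), "nt": nt.lower()}

def lm_assessment(lm_hex: str) -> str:
    """What the two LM halves reveal: a half equal to EMPTY_HALF came from the
    zero key, i.e. that 7-byte block of the padded password was all 0x00."""
    first, second = lm_hex[:16].lower(), lm_hex[16:32].lower()
    if first == EMPTY_HALF and second == EMPTY_HALF:
        return "empty: blank password or no LM hash stored"
    if second == EMPTY_HALF:
        return "password is at most 7 characters"
    return "password is 8 to 14 characters"
```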

(2) How the NTLM hash is generated under Windows

The LM hash algorithm designed by IBM has several weaknesses, so Microsoft introduced its own challenge-response mechanism while keeping backward compatibility, and the NTLM hash was born. Assume the plaintext password is "123456". It is first converted to a Unicode string; unlike the LM algorithm, there is no padding with 0x00 to 14 bytes:

"123456" becomes 310032003300340035003600

When converting an ASCII string to a Unicode string, little-endian byte order is used; Microsoft did not consider big-endian, and the ntoh*()/hton*() functions should not be used when decoding SMB messages. For standard ASCII codes below 0x80, converting to Unicode simply turns 0x?? into 0x00??. Laid out in little-endian order, such a standard ASCII string becomes a Unicode string simply by appending 0x00 after each original byte. The resulting Unicode string is then put through the standard MD4 one-way hash; regardless of the length of the input, MD4 always produces a 128-bit hash value:

310032003300340035003600 -standard MD4 one-way hash-> 32ed87bdb5fdc5e9cba88547376818d4 (16 bytes)

This gives the final NTLM hash:

NTLM Hash:32ed87bdb5fdc5e9cba88547376818d4

Compared with the LM algorithm, the plaintext password is case-sensitive, the NTLM hash does not reveal whether the original password was shorter than 8 bytes, and the magic string "KGS!@#$%" is gone. MD4 is a true one-way hash function, so recovering the plaintext from the hash is difficult.

Third, summary:

The two algorithms are LanManager (LM) and NTLM. LM can only store hashes of passwords of at most 14 characters; if the password is longer than 14, Windows automatically hashes it with NTLM. (In LC5 there are two ways to crack, so when one does not break out, change the approach; the basic one is NTLM.) Hashes exported with Pwdump or another hash export tool (such as Cain) generally carry both an LM and an NTLM value, which means the password is <=14 characters; if it is longer than 14, only the corresponding NTLM hash is usable. In that case LM will still have a value, but it is of no use to us and cannot be attacked with an LM rainbow table.

Operating systems: for XP, Win2K and Win2K3 the system uses LM by default (it can also be set to NTLM manually), while Win2008, Win7 and Vista disable LM and use NTLM by default. So do not take an LM-generated rainbow table to look up an NTLM hash; the reverse is possible, because where LM is used there is usually a corresponding NTLM hash as well (if the password is <=14 characters, the system also hashes it with NTLM and stores that hash). In that case use the ophcrack NTLM tables to look up the NTLM hash, not the LM hash.
