From: dan@milliways.org (Dan Bailey)
To: futplex@pseudonym.com
Message Hash: f47af05976b59f29a2a444c5a9f68bf94a40499cfbeb623b15694505c689cfe0
Message ID: <199512091433.OAA27353@pop01.ny.us.ibm.net>
Reply To: N/A
UTC Datetime: 1995-12-09 14:32:34 UTC
Raw Date: Sat, 9 Dec 95 06:32:34 PST
From: dan@milliways.org (Dan Bailey)
Date: Sat, 9 Dec 95 06:32:34 PST
To: futplex@pseudonym.com
Subject: Re: Win NT proprietary pw encryption (Was: Re: Windows .PW
Message-ID: <199512091433.OAA27353@pop01.ny.us.ibm.net>
MIME-Version: 1.0
Content-Type: text/plain
On Sat, 9 Dec 1995 03:15:51 -0500 (EST) you wrote:
>I don't quite agree with the last part. It might be educational to do a spot
>of cryptanalysis in an attempt to determine the nature of the proprietary
>algorithm used. It wouldn't be "cracking" the password protection, but I
>think the general effort to "out" proprietary crypto algorithms is productive,
>particularly in the case of major software packages.
>
>
>Anyone feel like putting together some sample plaintext/ciphertext pairs ?
>
Well, the problem with coming up with plaintext/ciphertext is that
I've never been able to find out exactly where the the SAM database is
physically stored. Using Registry Editor, it's visible but not
accessible as part of the Registry. Microsoft's APIs won't give you
access to the stored ciphertext, so some serious hacking is required
here, I'm just not sure where to begin. I think a hacked version of
the Registry APIs that allow you to read the ciphertext would be a
good place to start, but again, I'm not sure where to begin writing
such a thing.
The second problem is that we're not sure exactly what gets hashed
and in what order. Is it username0x00password0x00domainname0x00SID or
something similar? Tough to tell and MSoft wants to rely on the
"tamper-proofness" of NT rather than on algorithmic security. If
anyone has more information on these issues, I'd love to know what's
really going on there.
Dan
***************************************************************
#define private public dan@milliways.org
Worcester Polytechnic Institute and The Restaurant at the End of the Universe
***************************************************************
Return to December 1995
Return to “dan@milliways.org (Dan Bailey)”
1995-12-09 (Sat, 9 Dec 95 06:32:34 PST) - Re: Win NT proprietary pw encryption (Was: Re: Windows .PW - dan@milliways.org (Dan Bailey)