[Dshield] Password Strength

jmac jmac at securityninjamonkeys.com
Wed Oct 20 16:08:11 GMT 2004


 From the Rainbow Tables website:

"note:     lm(LanManager) table can be used to crack windows password in 
very short time, as demonstrated in Demonstration 3. The tables will be 
distributed via ftp download after the payment."

 If this was a LanManager password, then isn't he really only cracking 
(in essence) two separate 7 character passwords, and passwords that 
don't differentiate between upper case and lower case in the password?  
Unless I'm really missing something, the password below would end up 
being N73K_A7 and ()TUBOK.  Everything else would be discarded by the LM 
password process.

Again, I'm probably missing something...but it doesn't seem to be a good 
test case for Rainbow Tables.

jmac


Gary Warner wrote:

> Here's a Rainbow Tables password cracking page:
>
>        http://www.antsight.com/zsl/rainbowcrack/
>
> In Demo 3, the author cracks passwords on an NT box using his largest 
> set of rainbow tables.  Tables which are 25GB in size, and would take 
> approximately 7 months to generate on a "normal" computer.  (The 
> rainbow tables are available from the author for $120.)
>
> This table uses the charset:
>
> "ABCDEFGHIJKLMNOPQRSTUVWXYZ
> abcdefghijklmnopqrstuvwxyz
> 0123456789!@#$%^&*()-_+= "
>
> (A-Z, a-z, 0-9, 14 symbols, and space)
>
> In the demo, the following passwords fell on a 2.8GHz Pentium in 3 
> minutes 17 seconds:
>
> N73k_a7()TUBoK  _
> z %G)r*EW&2nk#
> cjST$=W0U*-5CH
> (zw= ijV$i*vEX
>
> Anybody got a user community with passwords harder than that?
>
> =============
>
> So, to say "passwords should be changed frequently enough that they 
> cannot be cracked during the password change interval" is just no 
> longer feasible, UNLESS you go to extended length passwords or some 
> entirely different authentication solution.
>
> =============
>
>
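The LM preprocessing discussed in this message, as an added example that is not part of the original posts: it uppercases a password, splits it into the two 7-character blocks that LM hashes independently, and compares the resulting search space with that of an intact 14-character mixed-case password over the charset quoted in the thread. The function names and the `short1` sample are illustrative, and truncating input longer than 14 characters is an assumption that follows the message's description.

```python
import math
import string

# Effective alphabet after LM uppercasing: A-Z, 0-9, the 14 symbols and space
# from the charset quoted in the thread (lowercase folds into uppercase).
LM_CHARSET = string.ascii_uppercase + string.digits + "!@#$%^&*()-_+= "
# Full mixed-case alphabet as quoted in the thread.
FULL_CHARSET = string.ascii_letters + string.digits + "!@#$%^&*()-_+= "


def lm_halves(password):
    """Return the two 7-character blocks that LM hashes independently.

    The LM algorithm works on exactly 14 characters: the input is uppercased,
    cut or NUL-padded to 14, then split 7 + 7. Truncating longer input here
    is an assumption taken from the message's description.
    """
    block = password.upper()[:14].ljust(14, "\0")
    return block[:7], block[7:]


def keyspace_bits(alphabet_size, max_len):
    """log2 of the number of candidate strings of length 1..max_len."""
    total = sum(alphabet_size ** n for n in range(1, max_len + 1))
    return math.log2(total)


def audit(password):
    """Summarise what has to be searched to recover one LM-hashed password."""
    first, second = lm_halves(password)
    return {
        "halves": (first.rstrip("\0"), second.rstrip("\0")),
        "second_half_empty": second == "\0" * 7,  # password was <= 7 chars
        "case_lost": password != password.upper(),
        # Two independent 7-char searches: worst case is the sum, i.e. +1 bit.
        "lm_bits": round(keyspace_bits(len(LM_CHARSET), 7) + 1, 1),
        "intact_bits": round(keyspace_bits(len(FULL_CHARSET), 14), 1),
    }


if __name__ == "__main__":
    # First two passwords come from the demo output quoted in the thread;
    # "short1" is a constructed sample showing the empty second half.
    for pw in ["N73k_a7()TUBoK", "cjST$=W0U*-5CH", "short1"]:
        print(repr(pw), audit(pw))
```

The gap between `lm_bits` and `intact_bits` is why password length and character variety add little while LM hashes are still stored: each half falls to a search over at most 7 uppercase characters.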



