18 Jun
2009
18 Jun
'09
8:24 p.m.
> This doesn't apply, at least in the case of
windows (and perhaps
> others). On windows systems I've seen it decrypt the first (or
> second) half of a password, or the first 8 characters, I've seen it
> do portions in sections. all this with no access to cleartext.
On Thu, 18 Jun 2009, Patrick Finnegan wrote:
So, which of these is it? And, where did you see it?
What version of
the OS, in what program, etc? I can't check this, as I don't have
anything that runs Windows anymore to check this on.
What Dan is referring to is what he has seem in Ophcrack.
When Windoze has a password longer than 7 characters, it breaks it up into
7 character chunks. Thus, a 21 character password is treated as three 7
character passwords, each of which could be cracked independently of the
others, and resulting in 3 times the work of a 7 character password,
instead of the cube of the amount of work.
Ophcrack is not relying on cleartext (like the Thinkpad), but IS working
from the hashcodes read from the system. Working with
precomputed tables,
it is effectively reversing the one-way hash function, to be
able to come
up with a working 7 character string that will hash to the desired value.
--
Grumpy Ol' Fred cisin at xenosoft.com