Need help on LM hash - NT hash

[billy_z]

hi, all
I'm writing a program to bruteforce windows password (SAM).

anyone can provide me some information on the encryption algorithm used by LM hash or NT hash? this is my project for distributed computing class.

thanks.

[ChakanTGM]

Sounds great! You'll be competing with LC3 and AntExp and the like, though. In order to do that, you'll need to learn about SYSKEY too. I'm sure you've thought about that already, though . . .

I'm pretty certain that information on LanMan and Nt hashes can be found here -

http://neworder.box.sk

If not, it's somewhere else on the box network.

Good luck on the program!

[voidmain]

There are two good sources that I can think of complete with code. One is Samba (get the source from http://www.samba.org). And the other is "chntpw" which you can find complete with source here: http://home.eunet.no/~pnordahl/ntpasswd/

Of course if you want to cheat and take the easy way out there are plenty of crack tools out there with source, but that would be no fun.

[ March 26, 2002: Message edited by: VoidMain ]

[ChakanTGM]

Those are great sources VoidMain. SAMBA, most obviously, would use NetBIOS to authenticate and would thus use the hashes.

But chntpw? I've never took a peek at the source for that one but I guess that makes sense. It does write the hashes to the SAM so it must know the hash algorithm.

Good thinking. Both use *NIX however. But that shouldn't be much of a problem.

What website am I at again?  

[voidmain]

Yeah, being *NIX apps really wouldn't matter as the algorithms themselves would not be platform specific.  Should be able to cut/paste them into your own C program.