This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

!!! Overview
[{$pagename}], LanMan hash, or LAN Manager hash is a compromised password hashing function that was the primary hash that Microsoft LAN Manager and Microsoft Windows versions prior to [Windows Server NT] used to store user [passwords].
Support for the legacy [{$pagename}] continued in later versions of [Microsoft Windows] for backward compatibility, but [Microsoft] recommended that administrators turn it off; as of [Windows Vista], the protocol is disabled by default, although some non-Microsoft [CIFS] implementations continue to use it.
!! [{$pagename}] [Algorithm]
The [{$pagename}] is computed as follows:
* The user's [password] is restricted to a maximum of fourteen characters.
* The user’s [password] is converted to [UPPERCASE].
* The user's [password] is encoded in the System OEM code page.
* This [password] is null-[padded] to 14 bytes.
* The “fixed-length” [password] is split into two 7-byte halves.
* These values are used to create two [DES] keys, one from each 7-byte half, by converting the seven bytes into a bit stream with the most significant bit first, and inserting a [null] bit after every seven bits (so 1010100 becomes 10101000). This generates the 64 bits needed for a [DES] key.
* Each of the two keys is used to [DES]-encrypt the constant [ASCII] string “KGS!@#$%”, resulting in two 8-byte ciphertext values. The [DES] CipherMode should be set to ECB, and PaddingMode should be set to NONE.
* These two ciphertext values are concatenated to form a 16-byte value, which is the [{$pagename}].
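The steps from password to the two [DES] keys, as an added example (not code from the original page). It assumes the OEM code page is cp437 and rejects input longer than 14 bytes; the function names are hypothetical.

```python
"""LM hash key derivation: password -> two 8-byte DES keys (added example)."""

OEM_CODEPAGE = "cp437"   # assumption: US OEM code page; the real one is system-dependent
LM_MAGIC = b"KGS!@#$%"   # constant each key DES-ECB-encrypts (no padding), per the page


def expand_des_key(half: bytes) -> bytes:
    """Turn 7 bytes into 8 by inserting a 0 bit after every 7 bits (MSB first)."""
    if len(half) != 7:
        raise ValueError("each half must be exactly 7 bytes")
    stream = int.from_bytes(half, "big")          # 56-bit stream, MSB first
    key = bytearray()
    for i in range(8):
        seven = (stream >> (49 - 7 * i)) & 0x7F   # next 7-bit group
        key.append(seven << 1)                    # low bit is the inserted 0
    return bytes(key)


def lm_des_keys(password: str) -> tuple[bytes, bytes]:
    """Apply the listed steps up to and including DES key creation."""
    raw = password.upper().encode(OEM_CODEPAGE)   # uppercase, then OEM encoding
    if len(raw) > 14:
        raise ValueError("LM input is restricted to 14 characters")
    raw = raw.ljust(14, b"\x00")                  # null-pad to 14 bytes
    return expand_des_key(raw[:7]), expand_des_key(raw[7:])


if __name__ == "__main__":
    # Constructed sample passwords, not taken from the page.
    for pw in ("password", "PassWord", "passwor", "password123"):
        k1, k2 = lm_des_keys(pw)
        print(f"{pw!r:15} key1={k1.hex()} key2={k2.hex()}")
```

The output shows the effect of case folding and the split: `password` and `PassWord` yield identical keys, `password` and `password123` share the same first key, and any password of seven characters or fewer yields an all-zero second key.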
To address the security weaknesses inherent in LM encryption and authentication schemes, Microsoft introduced the [NTLMv1] protocol in 1993 with [Windows NT 3.1].
For hashing, [NTLM] uses [Unicode] support, replacing LMhash=[DES]each(DOSCHARSET(UPPERCASE(password)), "KGS!@#$%") by NThash=[MD4](UTF-16-LE(password)), which does not require any padding or truncating that would simplify the key.
On the negative side, the same [DES] algorithm was used with only 56-bit encryption for the subsequent authentication steps, and there is still no salting. Furthermore, [Microsoft Windows] systems were for many years configured by default to send and accept responses derived from both the [{$pagename}] and the [NTLM] hash, so the use of the [NTLM] hash provided no additional security while the weaker hash was still present.
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]