
Describe simply why those hashes cannot be reversed to passwords.

2007-01-31 19:54:01 · 3 answers · asked by Loiterer 2 in Computers & Internet Security

I know that hashes are decryptable using brute force and other methods; HOWEVER, I want to know why, when you get a password hash, it is not reversed in one simple calculation.
That is, isn't there an algorithm to make the hashes? So, can't we reverse the algorithm like when we make keygens?

2007-02-02 16:47:14 · update #1

3 answers

Errr, actually they are reversible!!

As you probably know, Microsoft Windows NT/2000/XP stores encrypted password hashes in the Windows Registry/SAM. You can use utilities such as PWDump or similar to view the usernames and their respective hashes.

There is a lot of cracking software out there, and yes, for all those moaners out there, there are legitimate uses for it. I'm a systems administrator and I used to use Lopht Crack to break back into machines (not on our domain, but under our control; we have two separate networks, long story) where the users have managed to change the Administrator's password and forgotten what they set it to.

There was a weakness in LanManager (LM) password hashes that made Lopht Crack so popular. NTLM made hashes somewhat stronger by using a longer hash and allowing both upper- and lower-case letters.

NTLMv2 made even more advances by computing a 128-bit key space and using separate keys for message integrity and confidentiality. It also uses the HMAC-MD5 algorithm for further message integrity.

However, although XP is slightly harder to crack, it is still crackable; just see how many XP password crackers are available on the market!

We don't bother cracking the passwords nowadays, as we just simply reset the Administrator's password using ERD Commander (you don't need to know what the previous password is anymore), even on XP.


=====================

Okay, just read the extra note you recently added - let's roll our sleeves up and get dirty! Windows generates both a LAN Manager hash (LM hash) and a Windows NT hash (NT hash) of the password, using an OWF (one-way function) algorithm.

OWF stands for One-Way Function and is a term that denotes a one-way mathematical transformation of some data. The data that is being transformed can only be converted one way, into the obfuscated form.

The obfuscated form of the data cannot be reversed into the original form, hence the use of the term one-way function. The most common type of OWF in use is a cryptographic hash.

A hash is a small set of data that is mathematically tied to some larger set of data from which the hash is calculated. If the larger set of data is changed the smaller set, the hash, also changes.

Hashes are useful, for example, as a checksum to verify that data has not been modified in transmission. A cryptographic hash is a hash that fulfills certain properties.

A cryptographic hash must, for instance, be created in such a way that it is mathematically infeasible in a reasonable amount of time to infer the larger set of data from only the hash. Likewise, it is mathematically infeasible to find two sets of large data that generate the same hash.

Although the LM OWF is not actually a hash, its output is commonly called the "LM hash" since the NT OWF generates the "NT hash."

This is how the LM hash is computed:

1. The password is padded with NULL bytes to exactly 14 characters. If the password is longer than 14 characters it is replaced with 14 NULL bytes for the remaining operations.

2. The password is converted to all uppercase.

3. The password is split into two 7-byte (56-bit) chunks.

4. Each chunk is used as the key to encrypt a fixed string.

5. The two results from step 4 are concatenated and stored as the LM hash.

The LM OWF algorithm is now over 20 years old. It was originally created for use in the LAN Manager family of operating systems and is included in recent versions of Windows for backward compatibility with software and hardware that cannot use newer algorithms.

The NT hash is simply a hash. The password is hashed using the MD4 algorithm and stored. The NT OWF is used for authentication by domain members in both Windows NT 4.0 and earlier domains and Windows 2000 and higher Active Directory domains.

There's a lot more to hashing and cryptography in general, but I guess the above should answer your question; the hashes by their very definition are irreversible, hence why we have to use brute force/dictionary attacks etc.

Hope this clears this up for you!

2007-01-31 19:59:10 · answer #1 · answered by redbaron101 3 · 1 0

Even one way hashes are breakable... all you have to do is try encoding different passwords until you find one that encodes the same.

The best you can hope is that decoding takes longer than the person wants to take on breaking into your password.

2007-01-31 20:02:59 · answer #2 · answered by bambamitsdead 6 · 0 0

Everything encrypted is bound to be decrypted one day.

2007-01-31 23:16:41 · answer #3 · answered by Anonymous · 0 0
