- Posts: 259
- Thank you received: 0
System Key Encryption
- FallenZer0
- Topic Author
- Offline
- Premium Member
-
20 years 2 months ago #5087
by nske
the key is needed to encrypt and decrypt the hash
or more correctly in the specific case, to encrypt both the original password as well as the string that will be compared against it, since we are talking for one-way encryption algorithms. If it was saved on the floppy disk and nowhere else.. then yes you'd need it
"start the OS" propably means "login to the OS"
Replied by nske on topic Re: System Key Encryption
the purpose of the System Key is to Encrypt the SAM database. Why then if I choose to store the Key on a floppy disk, would I require it to Start the OS?
the key is needed to encrypt and decrypt the hash
or more correctly in the specific case, to encrypt both the original password as well as the string that will be compared against it, since we are talking for one-way encryption algorithms. If it was saved on the floppy disk and nowhere else.. then yes you'd need it
"start the OS" propably means "login to the OS"
- FallenZer0
- Topic Author
- Offline
- Premium Member
-
20 years 2 months ago #5089
by FallenZer0
Let me understand this correctly. The reason I would require the Sys Key to start the OS is because when the user supplies Logon credentials, specifically the password, Syskey is used to decrypt the password and compares the hash it generates with the ecrpyted hash in the SAM database. Is that right?
Also, if I may, I just got Cain & Abel v2.5Beta58 for W2k/NT/XP, as well as John The Ripper1.6 for win32 applications to decrypt the password hashes. Before I do anything with these, I thought I would ask opinions here if you had used these tools before.
If anyone is interested in these tools,
www.oxid.it/cain.html
www.openwall.com/john/
If anyone know of any other tools with which I can get plain text passwords from the SAM, I would greatly appreciate it.
-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle
Replied by FallenZer0 on topic Re: System Key Encryption
the purpose of the System Key is to Encrypt the SAM database. Why then if I choose to store the Key on a floppy disk, would I require it to Start the OS?
the key is needed to encrypt and decrypt the hash
or more correctly in the specific case, to encrypt both the original password as well as the string that will be compared against it, since we are talking for one-way encryption algorithms. If it was saved on the floppy disk and nowhere else.. then yes you'd need it
"start the OS" propably means "login to the OS"
Let me understand this correctly. The reason I would require the Sys Key to start the OS is because when the user supplies Logon credentials, specifically the password, Syskey is used to decrypt the password and compares the hash it generates with the ecrpyted hash in the SAM database. Is that right?
Also, if I may, I just got Cain & Abel v2.5Beta58 for W2k/NT/XP, as well as John The Ripper1.6 for win32 applications to decrypt the password hashes. Before I do anything with these, I thought I would ask opinions here if you had used these tools before.
If anyone is interested in these tools,
www.oxid.it/cain.html
www.openwall.com/john/
If anyone know of any other tools with which I can get plain text passwords from the SAM, I would greatly appreciate it.
-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle
20 years 2 months ago #5093
by nske
actually, I believe, the reverse, the final syskey hashes are compared.
Syskey's 128-bit encryption can not be brute forced, in practice.
Still, system key remains in a part of the registry that is accessible by processes running with administrator privileges and can be used to extract the md5 password's hash, which is weak enough to be brute forced (e.x. check pwdump). However I don't know the whys and hows, nore remember anything more practical as I've no contact with windows for a long time. But as for the tools I also remember "L0pth cracker"
here's an article from MS I had in my bookmarks, though it might be the one you read.
support.microsoft.com/default.aspx?scid=KB;en-us;q143475
Replied by nske on topic Re: System Key Encryption
when the user supplies Logon credentials, specifically the password, Syskey is used to decrypt the password and compares the hash it generates with the ecrpyted hash in the SAM database. Is that right?
actually, I believe, the reverse, the final syskey hashes are compared.
Syskey's 128-bit encryption can not be brute forced, in practice.
Still, system key remains in a part of the registry that is accessible by processes running with administrator privileges and can be used to extract the md5 password's hash, which is weak enough to be brute forced (e.x. check pwdump). However I don't know the whys and hows, nore remember anything more practical as I've no contact with windows for a long time. But as for the tools I also remember "L0pth cracker"
here's an article from MS I had in my bookmarks, though it might be the one you read.
support.microsoft.com/default.aspx?scid=KB;en-us;q143475
- FallenZer0
- Topic Author
- Offline
- Premium Member
-
20 years 2 months ago #5094
by FallenZer0
-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle
Replied by FallenZer0 on topic Re: System Key Encryption
nske wrote:
actually, I believe, the reverse, the final syskey hashes are compared.
--Makes Sense.
But as for the tools I also remember "L0pth cracker"
--l0pht cracker isn't freeware. Although I think they do have a trial version.
--Thankyou nske, You have been awesome.
-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle
Time to create page: 0.134 seconds