[foofus-tools] Medusa LMv2 and pwdump6 freezing?

jmk jmk at foofus.net
Mon Jun 8 12:18:34 PDT 2009


On Mon, 2009-06-08 at 13:46 -0500, Richard Miles wrote:
> - Based on the documentation LMv2 auth method for Medusa appears to be
> the best for brute force. What is the big difference between LM and LMv2?
> Is LMv2 case insensitive (like LM)? If yes, this would be awesome -
> brute force with case insensitive method and supported by all Windows
> versions is amazing, too good to be true.

Indeed, too good to be true...

For an excellent resource on the protocols, I suggest the following:
http://davenport.sourceforge.net/ntlm.html

LMv2 will likely become the default protocol in the next release (NTLMv1
is the current), since it appears to be supported in the largest number
of situations. LMv2 actually uses an NTLM password hash (not LM), so it
IS case sensitive. LM (i.e. LMv1) is the only case-insensitive
authentication protocol we support for SMB. While LMv1 certainly has its
benefits, the big challenge is we don't necessarily know why an
authentication attempt failed. It could be because we tried the wrong
password, but it could also be due to the remote system not supporting
LMv1 or not having an LM hash stored for that user. The following page
has a few additional notes on the various authentication methods:

http://www.foofus.net/jmk/medusa/medusa-smbnt.html

Joe

p.s. I'll leave it to Fizzgig to address the PwDump/FgDump issue...




