First things first, what is an LM hash, or LAN Manager hash? An LM hash is an outdated hashing function that is still widely in use in corporate environments today. The most important features of an LM hash are as follows:
· Passwords are a maximum of 14 characters (14 bytes).
· Passwords are converted to uppercase.
· Passwords are padded to 14 bytes.
· The 14-byte password is split into two 7-byte halves. (This is the weakness exploited by the Half-LM attack.)
· Read more about LM hashes at http://en.wikipedia.org/wiki/LM_hash
Simply put, if a user chooses the password ‘Password’, the LM hashing function turns it into “PASSWOR” and “D”; if they choose “PaSSwOrD12345!”, it becomes “PASSWOR” and “D12345!”. Obviously, cracking two short passwords takes less time than cracking one long password.
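To make the split concrete, here is an added Python example (not code from the original post) that follows the publicly documented LM preprocessing: uppercase, truncate or zero-pad to 14 bytes, split into two 7-byte halves, and expand each half into the 8-byte DES key LM derives from it. The final DES encryption of the constant "KGS!@#$%" is left out so the block needs only the standard library; the password strings are the post's own examples, and the charset size passed to worst_case_candidates is a constructed value.

```python
"""How LM preprocessing turns a password into two independent 7-byte DES keys.

Added example, not code from the original post. It follows the publicly
documented LM algorithm up to the point where each half would be used as a
DES key to encrypt the constant "KGS!@#$%"; that final DES step is omitted so
the block needs only the standard library.
"""
from typing import Tuple

LM_LEN = 14  # LM never looks past the first 14 bytes


def lm_halves(password: str) -> Tuple[bytes, bytes]:
    """Uppercase, truncate/pad to 14 bytes and split into two 7-byte halves.

    Real Windows uses the OEM code page here; ASCII is enough to show the
    structure.
    """
    data = password.upper().encode("ascii", "replace")[:LM_LEN]
    data = data.ljust(LM_LEN, b"\x00")  # zero padding, exactly as LM does
    return data[:7], data[7:]


def expand_des_key(half: bytes) -> bytes:
    """Expand a 7-byte half (56 bits) into the 8-byte DES key LM derives from it.

    Every 7 bits of input become the top 7 bits of one key byte; the low bit
    is set so each byte has odd parity. Seven zero bytes become 01 01 ... 01,
    the key behind the well-known hash of the empty password.
    """
    if len(half) != 7:
        raise ValueError("LM halves are exactly 7 bytes")
    bits = int.from_bytes(half, "big")
    key = bytearray()
    for i in range(8):
        seven = (bits >> (49 - 7 * i)) & 0x7F
        byte = seven << 1
        if bin(byte).count("1") % 2 == 0:
            byte |= 1  # odd parity
        key.append(byte)
    return bytes(key)


def shares_first_half(a: str, b: str) -> bool:
    """True when two passwords produce the same first DES key, and so the same
    first 8 bytes of LM hash. This is why a table built for one 7-character
    half recovers it regardless of what follows."""
    return lm_halves(a)[0] == lm_halves(b)[0]


def worst_case_candidates(charset_size: int) -> Tuple[int, int]:
    """(candidates to try when the two halves are attacked separately,
    candidates to try when all 14 characters are attacked as one string)."""
    return 2 * charset_size ** 7, charset_size ** 14


if __name__ == "__main__":
    for pw in ("Password", "PaSSwOrD12345!"):
        first, second = lm_halves(pw)
        print(pw, "->", first, second)
        print("  DES key for first half:", expand_des_key(first).hex())
    print("same first half:", shares_first_half("Password", "PaSSwOrD12345!"))
    print("2*n^7 vs n^14 for n=36:", worst_case_candidates(36))
```

Because the two halves never mix, "Password" and "PaSSwOrD12345!" share their first DES key, and each half is at worst a 7-character search rather than a 14-character one. Windows stores no LM hash at all for passwords longer than 14 characters, and the NoLMHash policy stops it storing LM hashes for any length.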
Before you can use the Half-LM rainbow tables you either need to download them or generate them yourself, as I did, using Winrtgen, which is included with Cain. When using Winrtgen it is important to note the disk space and the success probability; both are directly influenced by the charset and the number of tables. In the image below you can see that the tables will only recover 97% of passwords using the alpha-numeric-symbol14 charset. You will also want to run the benchmark to see how long generating the tables will take. On a side note, you can split the tables.lst file to distribute the load, even among cores, as Winrtgen is not written with multicore support. Then we wait.
On to the fun stuff. To capture a hash we use the Metasploit SMB capture auxiliary module, located at auxiliary/server/capture/smb. Leave the default settings, with the exception of CAINPWFILE; set this to the path where you want the captured hashes written.
Now you wait. There are various ways to coerce victims into connecting to you, such as NetBIOS spoofing or embedding UNC paths, but that’s a topic for another day. When a user attempts to connect to the capture server you will see output similar to this. The important thing to note is that the capture contains an LM hash.
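The capture works because a client still answers with an LM response. On the defending side, the same legacy authentication is visible in the Windows Security log: event 4624 carries a "Package Name (NTLM only)" field whose value is LM, NTLM V1 or NTLM V2. The following Python is an added example, not part of the original post: it scans a text export of a few such events and reports the accounts and workstations that authenticated with LM or NTLMv1. The export layout and every event in it are constructed for this example; only the field names follow the real 4624 event.

```python
"""Flag Windows logon events (ID 4624) that completed with LM or NTLMv1.

Added example, not from the original post. The events below are constructed
in the shape of the 'Detailed Authentication Information' block of a 4624
event; a real export would come from the Security log.
"""
import re
from typing import Dict, List

# Constructed sample export: one event per block, blocks separated by '---'.
SAMPLE_EVENTS = """\
EventID: 4624
Account Name: alice
Workstation Name: WS01
Logon Process: NtLmSsp
Authentication Package: NTLM
Package Name (NTLM only): NTLM V2
---
EventID: 4624
Account Name: bob
Workstation Name: LEGACY-XP
Logon Process: NtLmSsp
Authentication Package: NTLM
Package Name (NTLM only): LM
---
EventID: 4624
Account Name: svc_backup
Workstation Name: FILESRV
Logon Process: NtLmSsp
Authentication Package: NTLM
Package Name (NTLM only): NTLM V1
---
EventID: 4624
Account Name: carol
Workstation Name: WS02
Logon Process: Kerberos
Authentication Package: Kerberos
Package Name (NTLM only): -
"""

# Sub-packages whose responses can be attacked the way the post describes.
WEAK_PACKAGES = {"LM", "NTLM V1"}
FIELD_RE = re.compile(r"^\s*([^:]+?):\s*(.*)$")


def parse_events(text: str) -> List[Dict[str, str]]:
    """Split the export on '---' and turn each block into a field dict."""
    events = []
    for block in text.split("---"):
        fields = {}
        for line in block.splitlines():
            m = FIELD_RE.match(line)
            if m:
                fields[m.group(1).strip()] = m.group(2).strip()
        if fields:
            events.append(fields)
    return events


def weak_ntlm_logons(text: str) -> List[Dict[str, str]]:
    """Return the 4624 events whose NTLM sub-package is LM or NTLM V1."""
    hits = []
    for ev in parse_events(text):
        if ev.get("EventID") != "4624":
            continue
        if ev.get("Authentication Package") != "NTLM":
            continue  # Kerberos logons have no NTLM sub-package
        pkg = ev.get("Package Name (NTLM only)", "").upper()
        if pkg in WEAK_PACKAGES:
            hits.append({
                "account": ev.get("Account Name", "?"),
                "workstation": ev.get("Workstation Name", "?"),
                "package": pkg,
            })
    return hits


if __name__ == "__main__":
    for h in weak_ntlm_logons(SAMPLE_EVENTS):
        print(f"{h['account']} from {h['workstation']} used {h['package']}")
```

Running it over the constructed export reports bob (LM) and svc_backup (NTLM V1) and ignores the NTLMv2 and Kerberos logons; run against real 4624 exports, the workstation column shows which hosts still need their LAN Manager authentication level raised.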
When you’re ready, load the hashes into Cain by selecting the Cracker tab and then the plus symbol to add your hashes from a list. Then select the hashes you want to crack, right-click, and choose Cryptanalysis attack, Half-LM hashes + challenge, via Rainbow tables. Load your tables and let it run. The running time depends on the number of hashes.
When it is done you will have a result similar to the image below. As you can see, we have not recovered the actual passwords yet, but we’re close. Let’s finish them off.
Follow a similar procedure to the one above by right-clicking the hashes, but this time select Brute-Force attack and LM Hashes + Challenge. As you can see, I set the max length to 3; that’s because I assume nobody picked a password over 10 characters, which is probably a pretty good assumption in this case. ;)
Remember, we have already cracked 7 of the characters. As you can see, the second half of the passwords is cracked extremely fast.
Cain then does a quick case brute force against the cracked password to determine its proper case; as you can see, the passwords were recovered.
That’s it! It is actually simpler in practice than it appears here. Good luck and have fun.