I've been tinkering with 8.7 billion passwords the last couple of weeks - and done lots of thinking, coding and debugging too. This resulted in a cool thing that I'm sharing today.
Here's the technical background: On the Windows platform your stored passwords are hashed as NTLM, which is basically just a Microsoft way of saying "MD4 sum of the UTF-16 encoded password". Since this was invented more than 25 years ago, the algorithm is simple.
Here's why this matters: When hackers break into your network, configuration mistakes and weak passwords are among the very top risks that let the bad guys get control over everything.
This is how you can remedy this: When I do Active Directory assessments, I sometimes also do a password audit to find accounts that share the same password, or highly privileged accounts with far too simple passwords. I don't really care about regular users, but the accounts that impact security do matter.
This is the challenge: Cracking these passwords requires equipment and machine power, since going from an NTLM hash back to a password is not something you can do by any means other than throwing GPU power at it. You simply try every password you can imagine and compare it to the NTLM hash - it takes time, and you don't get all the passwords (complex ones survive these attacks).
And here's my solution: There is a faster way - maybe not giving you exactly the same results - but it trades some precision for less time and hardware. Because NTLM hashing is "unsalted", the password 123456 has the exact same hash on any system you encounter in the world. So why not just look the most obvious ones up in a database?
Now you can, because I coded up a specialized database, grabbed everything I could find from leaks, dictionaries and wordlists on the internet, and compiled it for you.
It's free to use, there is no sign-up required - and you can look up 1 password every second (or batch-look up 1000 in a few seconds, once every 15 minutes, if you're in a hurry). It's even easy to use from the command line with curl or PowerShell, if you're into that.
Have fun, and I hope it can help make the world safer a little step at a time. If you like this, please re-share and spread the word (not the password!)