Network Security Pen-Test
Re: Secure Password Policy?

Subject: Re: Secure Password Policy?
Date: Fri, 20 Jan 2006 00:11:46 -0700
Oooo.... here we go again!
In my experience passphrases are going to be much more secure. BUT many applications (custom and commercial), outside of Microsoft Windows, are written to only accept up to 14 characters. MS Windows can accept a passphrase up to 127 characters. For the most part brute force cracking is dying and being replaced with rainbowcrack (http://www.antsight.com/zsl/rainbowcrack/). I have a full set (44GB) of the LanMan tables (rainbowtables.shmoo.com/) and I can blast through in about 10-20 minutes. Currently I am building the NTLM (then MD5 after that) tables but only up to 8 characters as I probably don't have the disk space for anything bigger. So, if you are security conscious and have disabled LanMan from being stored or transmitted and _all_ of your users have 9 character passwords or passphrases, IMHO it will be very tough to recover any passwords. Some people recommend that you use an alt ASCII character in the password but I think it is impractical to ask users to do that. I can already picture 60 users with the password blink(alt-182).

Here is a paper I researched on Windows LanMan. I welcome any constructive feedback.
Windows LanMan Challenge/Response Based Network Authentication Protocol
There is a lot of information out there on the pitfalls of Microsoft's implementation of LanMan. What I am going to do is go into as much detail of the problem as I can and give workarounds to help mitigate the vulnerability. As we know, most networks revolve around using passwords for authentication and are great targets for black hats and evil doers. Now let's jump in and take a look at how Microsoft uses LanMan.
dood:1301:081CFBE2AF23C5BEB8AFD410DE448ADD:0D952209A0138C9093DDF5845EE13957:::
Here is a typical user and password pulled from the registry; dood is the username, then you have the RID (Relative ID), and finally the LanMan (first) and NTLM (second) passwords, all separated by a colon ( : ). Now, by default, Windows sends both the LanMan and NTLM passwords across the wire when you authenticate to another machine (be it either host or server). Let's dig a little deeper on this whole LanMan thing and take a look at the problems.

LanMan is encrypted using DES (Data Encryption Standard) but they do not use a salt to throw in randomization. Also, when you change your password it is stored in ALL UPPERCASE characters, and LanMan can only be a maximum of 14 characters (NTLM has a maximum of 127). Now there is one last big flaw; take a look at the next two passwords and see if you notice a similarity.
dood1:1124:0AF1F736E3858B0CAAD3B435B51404EE:E5FAD982A09C13976DAEDD832EE2B4D9:::
dood2:1158:5322BF21A44579F7AAD3B435B51404EE:75EF48966F114653569A10FA87707F23:::
Notice how AAD3B435B51404EE repeats in both passwords? Well… someone thought it was a safe idea to take the 14 character password, split it into two 7-character passwords and merge them together. Let's say the password for dood1 is "brown"; that password is only 5 characters long. LanMan pads the 9 missing characters (to equal 14) with the number 0, so the password will look like "brown000000000" to the system. But remember that issue about being split in two; it effectively becomes "brown00" and "0000000". So when you see AAD3B435B51404EE in the password it is 0000000, and taking that one more step you are now able to visually see if the password is less than 8 characters.
Now let's take a little look at some math. With LanMan you effectively have only a 7 character password at best; A-Z = 26 characters, 0-9 = 10 characters, and 24 special characters (!, @, #, $, %, ^, &, *, (, ), etc.), so you have a grand total of 60 characters you can use (you can use other Unicode characters doing ALT combinations but we will ignore those for this purpose). So 60^7 gives you 2,799,360,000,000 different combinations. Now say you have a 1.4 GHz laptop running John the Ripper (or l0pht) with 1 GB of RAM that has a key rate of 3,000,000 combinations per second; it would take 10.8 days to go through all possible combinations. That being said, most organizations expire a password at 90 days. We know that passwords cannot stay secure forever, that is why we change them, but they must be able to withstand an attack until they can be changed. Let's expand on the math a little more.
60^7 = 2,799,360,000,000 = 10.8 days (A-Z, 0-9, special)
86^7 = 34,792,782,221,696 = 134.23 days (A-Z, a-z, 0-9, special)
62^8 = 218,340,105,584,896 = 2.3 years (A-Z, 0-9, special)
86^8 = 2,992,179,271,065,856 = 31.62 years (A-Z, a-z, 0-9, special)
*Keep in mind that this is the MAXIMUM amount of time it would take, and you will most likely find the password in less time.
By looking at the math it is very probable to find any 7-character password before it expires. It is still feasible to find a password that uses 8 characters in 90 days or less, but the process would probably have to be split across several machines. One of the things suggested to me by a Microsoft Incident Response person was to make pass phrases instead of passwords. Let's jump into a tad bit more of math and look at a 14 character password that is NOT using LanMan (NTLM or NTLMv2).
36^14 = 6,140,942,214,464,815,497,216 combinations = 64,909,333 years (a-z, 0-9)
You could use "i have 1 dollar" as the example (which is actually 36^15 but good enough for the exercise) and the possibility of a black hat being able to discover the password before it expires is extremely remote. Ultimately you should look at moving to only NTLMv2 for its security, though you may need to install the clients to allow your Windows 95, 98, NT machines to connect. As with anything, make sure you test and document your changes in a suitable environment that will not affect current operations.
Review:
· LanMan converts all characters to UPPERCASE
· Pads the password with 0's up to 14 characters
· Password is split into two 7 character chunks
· No randomization seed used (salt)
So now that we understand how the password deal works a little better, let's look at fixing the problems. We have to disable/remove LanMan.

1. LanMan is stored in the SAM (Security Accounts Manager)
2. LanMan is transmitted with the NTLM 'hash' when authentication occurs

In order to disable the transmission and storage of the LanMan password, follow the instructions from Microsoft or the PDF. Note that after you disable the storage of passwords you will have to change the password in order for it not to store the new password. My understanding is that the old password will always remain.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsecure/html/msdn_secinst.asp (NT)
Change setting to 2 - Never sends LM password form.
http://www1.umn.edu/oit/img/assets/5630/DisableLanMan.pdf
Talks about current password guidance from Microsoft:
http://www.microsoft.com/smallbusiness/gtm/securityguidance/articles/select_sec_passwords.mspx
