
Using Cain to sniff windows passwords…


Loic

Newbie

Posts: 16

Joined: Mon Mar 24, 2008 6:04 pm

Location: Sydney

Post Wed Jul 09, 2008 7:54 pm

Using Cain to sniff windows passwords…

Hi all, I was sniffing traffic on my work network (and yes I do have permission) and I was collecting hashes to see if I can crack them so that I can make a recommendation to use stronger, longer passwords. But one thing I noticed is that every time I collected a hash it was different, even if it was for the same user. Why is this?

LSOChris

Post Wed Jul 09, 2008 8:42 pm

Re: Using Cain to sniff windows passwords…

LM vs NTLM?

heffnercj

EH-Net Columnist

Posts: 69

Joined: Thu Mar 15, 2007 2:45 pm

Post Wed Jul 09, 2008 8:44 pm

Re: Using Cain to sniff windows passwords…

What application/service were the hashes related to? Are these Windows logons, or something else? Some services will use a nonce value combined with the password to produce a unique hash value each time. Or, it could be something completely different; you really need to take a look at how the service in question works, what kind of hashing it uses, and how that hashing is implemented.

slimjim100

EH-Net Columnist

Posts: 385

Joined: Wed Nov 08, 2006 12:50 pm

Location: Atlanta

Post Wed Jul 09, 2008 11:56 pm

Re: Using Cain to sniff windows passwords…

Depending on the requested service it could be LM or NTLM with a challenge hash. Cain can also brute force and dictionary attack this kind of hash.

Brian
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
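
Added example, not part of any post in this thread: a simplified challenge-response exchange showing why captures for the same user differ on every logon, as the replies about a nonce and a challenge describe. The scheme (SHA-256 stored key, HMAC-SHA256 response, 8-byte challenge) and all function names are assumptions for illustration and are not the LM/NTLM algorithms.

```python
import hashlib
import hmac
import os

# Simplified challenge-response model (assumption: NOT the real LM/NTLM math).
# It only illustrates the role of the server nonce in what a sniffer sees.

def stored_key(password: str) -> bytes:
    """Static per-user secret held by the server; the same on every logon."""
    return hashlib.sha256(password.encode("utf-16-le")).digest()

def new_challenge() -> bytes:
    """Fresh random nonce the server sends for each authentication attempt."""
    return os.urandom(8)

def respond(password: str, challenge: bytes) -> bytes:
    """Client proves knowledge of the password by keying a MAC over the nonce."""
    return hmac.new(stored_key(password), challenge, hashlib.sha256).digest()

def verify(key: bytes, challenge: bytes, response: bytes) -> bool:
    """Server recomputes the response from its stored key and compares."""
    expected = hmac.new(key, challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expected, response)

def simulate_logons(password: str, count: int):
    """Return the (challenge, response) pairs visible on the wire."""
    captures = []
    for _ in range(count):
        challenge = new_challenge()
        captures.append((challenge, respond(password, challenge)))
    return captures

if __name__ == "__main__":
    password = "Constructed-Passw0rd!"  # constructed sample value
    key = stored_key(password)
    captures = simulate_logons(password, 3)
    for challenge, response in captures:
        print(challenge.hex(), response.hex()[:32], verify(key, challenge, response))
    # A response captured for one challenge does not validate against another,
    # which is the replay protection the nonce provides.
    print("replay accepted:", verify(key, captures[1][0], captures[0][1]))
```

The stored key never changes, but each on-the-wire response is bound to that session's challenge, so a capture is only meaningful together with the challenge sent in the same exchange.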
