tcarrigan
03-14-01, 03:33 PM
Uncrackable NT4/Windows 2000 Passwords: They Exist
Most passwords are built on the notion of time. Users don't deny that a password is uncrackable; they merely say that it would take so long to crack it that it isn't even worth trying. Through a bit of ingenuity, curiosity, and a stroke of luck, Scott Crawford managed to come across passwords that couldn't be cracked, at least not by today's tools.
The method is so simple, it's beautiful. It's based on the fact that L0phtCrack only offers to crack up to 68 of the 256 possible characters in the ASCII character set. So he wondered, what about the other characters? His research discovered that there are 187 characters of 308 (some extra Windows characters are also allowed in passwords) that could not be cracked by L0phtCrack 2.5. All of these characters are ones that are accessed only by pressing ALT plus a three- or four-digit number on the numeric keypad.
The way to test the crackability of these passwords is simple. Create 308 users, one for each character, each with the character both as the user name and as the password. Then, use a custom character set of all possible characters or run the list of characters through a dictionary file, creating the identical characters in the file. In effect, every password exists both in the user name and in the dictionary file. L0phtCrack actually checks both for the password (if you have a user name that is also the password, L0phtCrack will determine that instantly). After running the dictionary file through, we discovered there were many that weren't cracked by L0phtCrack.
After several runs on multiple machines, both Windows NT4 and 2000, we determined that these 187 characters were, in effect, uncrackable.
http://sysopt.earthweb.com/articles/win2kpass/table.
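The single-character test described in the post, as an added example that is not part of the original post or the cited article: it decodes ALT+keypad codes to characters and reports which ones a search limited to a 68-character set never generates. The members of that set, the code pages (cp1252 and cp437) and the ASCII case folding are assumptions, and the sample codes are constructed.

```python
import string

# Assumption: the post gives only the size (68) of the searched set; A-Z, 0-9
# and the 32 ASCII punctuation marks is one set of that size.
ASSUMED_CHARSET = frozenset(
    string.ascii_uppercase + string.digits + string.punctuation)

def alt_code_char(code):
    """Character typed by ALT+<code> on the numeric keypad.

    Assumption: a leading zero selects the ANSI code page (cp1252 here),
    otherwise the OEM code page (cp437 here), as on a US-English system.
    """
    value = int(code)
    if not 32 <= value <= 255:
        raise ValueError("outside the range handled here: " + code)
    codec = "cp1252" if code.startswith("0") else "cp437"
    try:
        return bytes([value]).decode(codec)
    except UnicodeDecodeError:
        raise ValueError("no character assigned to ALT+" + code)

def fold(ch):
    # Assumption: ASCII letters are compared case-insensitively, which is why
    # the assumed set holds no lower-case letters.
    return ch.upper() if ch.isascii() else ch

def unreachable_chars(password, charset=ASSUMED_CHARSET):
    """Characters of password that a search over charset never generates."""
    return sorted({ch for ch in password if fold(ch) not in charset})

def single_char_test(alt_codes, charset=ASSUMED_CHARSET):
    """One test account per character, as in the post: which are reachable?"""
    reachable, missed = [], []
    for code in alt_codes:
        ch = alt_code_char(code)
        (missed if unreachable_chars(ch, charset) else reachable).append(code)
    return reachable, missed

if __name__ == "__main__":
    # Constructed sample: a few keypad codes, not the article's table.
    sample_codes = ["65", "097", "0128", "130", "0233", "225", "0255"]
    ok, missed = single_char_test(sample_codes)
    print("reachable:", ok)
    print("missed   :", missed)
    print(unreachable_chars("Pa55w" + alt_code_char("0233") + "rd"))
```

Passing a different `charset` shows how the result changes once the search alphabet is widened to include the extended characters.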