Dear Darren Bennett, Windows uses password hash in a same way as Unix uses cleartext password. Having password hash you can connect to Windows network without knowledge of cleartext password (I spent 2 minutes to modify smbclient to use hash instead of password and 5 minutes to test, you can try to do it as a challenge... Hint: all you need is to skip MD4 encoding if password is already looks like MD4 hash). So, cracking of Windows hashes gives you nothing in fact.
--Wednesday, July 23, 2003, 9:48:51 PM, you wrote to [EMAIL PROTECTED]: DB> Is this new? I read about it on slashdot... DB> http://lasecpc13.epfl.ch/ntcrack/ DB> Basically, it seems that Microsoft has (yet again) screwed up the DB> implementation of their encryption scheme. This makes cracking any hash DB> a matter of seconds. Oops... -- ~/ZARAZA Существую лишь я сам, никуда не летя. (Лем) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
