Denis Ducamp wrote:
> I'm developping a password cracker using libcrypto.a from openssl. The goal
> isn't to have a fast password cracker as John the Ripper, but to document
> the different algorithmes, their weaknesses and to show how easy it is to
> develop such a piece of software when good libraries (as openssl) exist.
>
> NTLM algorithm uses MD4 and I must have a md4 implementation in my sources.
> MD5 and other algorithmes in openssl have asm optimized implementation so if
> md4 could have such asm optimization it could be great because faster than
> the standard C implementation.
I've seen recently MD4 has been broken to the point you can get any text to hash
to a given MD4 hash value, if you have around 10 byte in the original text you
can give free value to.
You should try to document yourself on that and to implement this to break the
password.
Of course if the password is shorter than 10 byte, brute force might be faster
to find the correct value.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
