ms-cache v2

Discussion and support for the CUDA Multiforcers (Windows and Linux)
  • Ads

ms-cache v2

Postby mayberryman » Sat Nov 03, 2012 12:36 am

Please check my understanding.... are domain credentials in ms-cache v2 form pretty much beyond the ability of current technology to crack (in ones lifetime)?

If I understand it correctly, rainbow tables are useless (except perhaps for an account named administrator) because the password is salted with the users name.

Similarly, neither brute-forcing (nor dictionaries) will crack a reasonably secure password in any kind of useful time.

I've thought about suggesting a ms-cachev2 algorithim be added to the multiforcer...but if only the least secure passwords can be cracked, there are other tools (e.g. hashcat, cain & able) which can make a run at it.

So...do I have this all pretty much straight?
mayberryman
 
Posts: 5
Joined: Thu Dec 30, 2010 9:58 pm

Re: ms-cache v2

Postby Bitweasil » Sat Nov 03, 2012 5:55 pm

mayberryman wrote:Please check my understanding.... are domain credentials in ms-cache v2 form pretty much beyond the ability of current technology to crack (in ones lifetime)?


Depends - what is the quality of the password used? :) They're certainly tough. A distributed attack is the way to go for them, which my framework does support.

mayberryman wrote:If I understand it correctly, rainbow tables are useless (except perhaps for an account named administrator) because the password is salted with the users name.


Correct. Though Administrator tables are certainly useful...

mayberryman wrote:Similarly, neither brute-forcing (nor dictionaries) will crack a reasonably secure password in any kind of useful time.


Correct. A secure password is pretty well secure with mscachev2.

mayberryman wrote:I've thought about suggesting a ms-cachev2 algorithim be added to the multiforcer...but if only the least secure passwords can be cracked, there are other tools (e.g. hashcat, cain & able) which can make a run at it.

So...do I have this all pretty much straight?


Yes. It will get added eventually, with full support for some cool features I'm working on, but mscachev2 is a hard nut to crack.
Bitweasil
Site Admin
 
Posts: 912
Joined: Tue Jan 20, 2009 4:26 pm

Re: ms-cache v2

Postby Picch » Tue Nov 06, 2012 10:10 am

mscachev2 is a nightmare for me during pentests. Even with GPUs the speed is absolutely horrible.
Picch
 
Posts: 59
Joined: Sat Oct 23, 2010 10:28 am

Re: ms-cache v2

Postby Bitweasil » Tue Nov 20, 2012 2:05 am

Picch wrote:mscachev2 is a nightmare for me during pentests. Even with GPUs the speed is absolutely horrible.


They're on the short list for support.
Bitweasil
Site Admin
 
Posts: 912
Joined: Tue Jan 20, 2009 4:26 pm

Re: ms-cache v2

Postby Picch » Tue Nov 20, 2012 9:03 pm

Personally, I'd rather see ntlmv2 support first (in fact, I'd kill for ntlmv2) instead of mscache2. ntlmv2 is seen far more during pentests because of the ability to ARP Spoof, NetBIOS Spoof, etc...
Picch
 
Posts: 59
Joined: Sat Oct 23, 2010 10:28 am

Re: ms-cache v2

Postby Bitweasil » Tue Nov 20, 2012 10:25 pm

Noted. I'll see what I can do!
Bitweasil
Site Admin
 
Posts: 912
Joined: Tue Jan 20, 2009 4:26 pm

Re: ms-cache v2

Postby Picch » Tue Nov 20, 2012 11:19 pm

That would be great! I really appreciate it.
Picch
 
Posts: 59
Joined: Sat Oct 23, 2010 10:28 am

Re: ms-cache v2

Postby Bitweasil » Tue Nov 20, 2012 11:48 pm

Could you get me a few sample exchanges with known passwords in whatever format is most common?
Bitweasil
Site Admin
 
Posts: 912
Joined: Tue Jan 20, 2009 4:26 pm

Re: ms-cache v2

Postby Picch » Wed Nov 21, 2012 8:53 am

Yeah, I'll work on getting some samples. I believe there's 3 formats that are commonly seen.
Picch
 
Posts: 59
Joined: Sat Oct 23, 2010 10:28 am

Re: ms-cache v2

Postby Bitweasil » Wed Nov 21, 2012 7:23 pm

Documented example would be pure awesome - unless you wanted to code up hash file classes for them, which would be even cooler!
Bitweasil
Site Admin
 
Posts: 912
Joined: Tue Jan 20, 2009 4:26 pm

Next

Return to CUDA Multiforcers

Who is online

Users browsing this forum: No registered users and 2 guests

cron