what's the difference with these hashes?
i know that Windows uses three kind of hashes: LM, NT and NTLM.
which format is more secure? I know that LM is the least secure of the three, but it is still supported for backwards compatability.
also, if i have an NTLM rainbow table, can it be used to crack either NT or LM hashes?
or if i have either a LM or NT only rainbow table, can it be used to crack an NTLM format password?
and for securing my own system, which is better?
Just disable LM hashes B)
Quote from http://support.microsoft.com/default.aspx/kb/299656
- Start Registry Editor (Regedt32.exe).
- Locate and then click the following key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
- On the Edit menu, click Add Key, type NoLMHash, and then press ENTER.
- Quit Registry Editor.
- Restart the computer, and then change your password to make the setting active.
fuser wrote: thanks for the tip, but what type of rainbow table is best to crack all three hashes?
is it the LM table, NT table or NTLM table? I like to know the best answer as generating these tables take up space and speed, so i'd like a rainbow table that covers all three.
The NTLM table would be best, but would take very long time to generate and use much HDD space. I'd recommend only using a LM table, since LM hashes are split into 2 pieces with 7 bytes in each which means you only have to make a table for 1-7 characters ;)
However if someone has disabled LM hashes (which is quite unlikely) you'll need a NT table instead.