



Advanced Instant NT Password Cracker



FAQ

  1. How do I dump the hashes from my computer?

    First you need administrator rights on the computer. You can use one of these tools to dump the password hashes:
    • samdump: extracts password hashes from SAM files
    • pwdump: extracts password hashes from the registry
    • pwdump2: extracts password hashes even when SYSKEY is enabled (Windows 2000 enables SYSKEY by default)
    • pwdump3 rev2: extracts password hashes from remote systems, even when SYSKEY is enabled
    We strongly recommend that you create a dedicated test account on your computer and crack its password, rather than submitting the hash of your normal or Administrator account.
  2. How do I use the output of pwdump?

    Each line of pwdump output consists of colon-separated fields (pwdump2 and pwdump3 also put the numeric RID between the user name and the hashes). The three fields we need are:
    • the user name
    • the LanManager hash, 32 hex characters
    • the NT hash, also 32 hex characters
  3. What sort of passwords are cracked?

    Our system cracks 99.9% of alphanumeric passwords (mixed-case letters and digits) in 5 seconds (average over 1000 passwords). Note that the LanManager hash is computed over the upper-cased password, so letter case does not enlarge the search; the original case can be recovered afterwards by testing case variants of the cracked word against the NT hash. We can also crack passwords built from 78 characters (mixed-case letters, digits and 16 other characters) in 30 seconds, but there is no web interface to that cracker yet.
  4. What if my password is not found?

    Either your password is one of the few that our probabilistic method does not cover (less than 1 in 1000), or it contains characters other than letters and digits.
  5. Why can I only dump the NT hash of my password and not the LanManager hash?

    Either your password is longer than 14 characters (no LanManager hash is stored for such passwords), or LanManager hashes are disabled on your computer (the NoLMHash policy). In both cases pwdump shows the LanManager hash of the empty password, aad3b435b51404eeaad3b435b51404ee, in place of a real one.
  6. How many computers do you use to crack a password so fast?

    Just one: an AMD Athlon XP 2500+ with 1.5 GB of DDR 333 RAM (1 GB of RAM would yield the same results).
  7. My password took more than 5 seconds to crack, why?

    5 seconds is the average time it takes to crack one alphanumeric LanManager hash. The cracking method is probabilistic and can take much longer in the worst case. If your password is longer than 7 characters, we need to crack two hashes, which doubles the time. If the cracker has not been used for a while, the data files (0.95 GB) are no longer in the filesystem cache; try again and it will be faster. If the password is not alphanumeric (that is, not made entirely of letters and digits), the cracker spends up to 170 seconds before it is convinced that it cannot crack it.
  8. What do "notfoundX" and "notfoundnotfound" mean?

    We crack passwords in chunks of 7 characters. If we do not find the corresponding half of the password we write "notfound". Thus "notfoundnotfound" means we found neither half; "notfoundX" and "Ynotfound" mean we found one half but not the other; a single "notfound" means we did not find the first half and the second one was empty (the password has at most 7 characters). The most likely reason for not finding a half is that it contains a character which is neither a letter nor a digit.
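    The following parser, added here as an illustration for questions 2, 5 and 8 and not LASEC's code, reads pwdump lines and works out from the LanManager hash alone how many 7-character halves there are to crack. It relies on two facts about the hash: each half of the LM hash is an independent DES output, and an empty half always hashes to the constant aad3b435b51404ee. The sample dump is constructed for the example (alice's hashes are the well-known LM and NT hashes of the word "password"; the other hash values are made up apart from the empty-hash constants).

```python
"""Reading pwdump output (added example for questions 2, 5 and 8; not LASEC's code).
The SAMPLE lines below are constructed for illustration, not real dumps."""
from dataclasses import dataclass
from typing import List, Optional

# LM hashing DES-encrypts the constant "KGS!@#$%" with each 7-byte half of the
# upper-cased, NUL-padded password as the key; an empty half therefore always gives:
EMPTY_LM_HALF = "aad3b435b51404ee"
EMPTY_LM_HASH = EMPTY_LM_HALF * 2                   # shown when no LM hash is stored
EMPTY_NT_HASH = "31d6cfe0d16ae931b73c59d7e0c089c0"  # MD4 of the empty password
HEX = set("0123456789abcdef")

@dataclass
class DumpEntry:
    user: str
    rid: Optional[str]
    lm_hash: str
    nt_hash: str

def parse_pwdump_line(line: str) -> DumpEntry:
    """Accept both 'user:RID:LM:NT:::' (pwdump2/pwdump3) and a bare 'user:LM:NT'."""
    fields = line.strip().split(":")
    if len(fields) >= 4 and fields[1].isdigit():
        user, rid, lm, nt = fields[0], fields[1], fields[2], fields[3]
    elif len(fields) >= 3:
        user, rid, lm, nt = fields[0], None, fields[1], fields[2]
    else:
        raise ValueError("not a pwdump line: %r" % line)
    lm, nt = lm.lower(), nt.lower()
    for h in (lm, nt):
        if len(h) != 32 or not set(h) <= HEX:
            raise ValueError("hash is not 32 hex characters: %r" % h)
    return DumpEntry(user, rid, lm, nt)

def parse_pwdump(text: str) -> List[DumpEntry]:
    return [parse_pwdump_line(l) for l in text.splitlines() if l.strip()]

def lm_halves(entry: DumpEntry) -> List[str]:
    """The LM hash is two independent 8-byte DES outputs, one per 7-character
    half of the password, which is why the cracker works in chunks of 7 and
    reports each half on its own.  Return only the halves that need cracking."""
    first, second = entry.lm_hash[:16], entry.lm_hash[16:]
    return [h for h in (first, second) if h != EMPTY_LM_HALF]

def describe(entry: DumpEntry) -> str:
    """What the hashes alone say about the password before any cracking."""
    if entry.nt_hash == EMPTY_NT_HASH:
        return "empty password"
    if entry.lm_hash == EMPTY_LM_HASH:
        return ("no LM hash stored: password longer than 14 characters "
                "or LM hashes disabled (question 5)")
    if entry.lm_hash[16:] == EMPTY_LM_HALF:
        return ("1-7 characters: one half to crack; a failure is reported "
                "as a single 'notfound' (question 8)")
    return "8-14 characters: two halves to crack, each reported separately"

# Constructed sample dump.  alice's hashes are the well-known LM and NT hashes of
# the word "password"; bob's and carol's non-empty hashes are made-up hex.
SAMPLE = """\
alice:1001:e52cac67419a9a224a3b108f3fa6cb6d:8846f7eaee8fb117ad06bdd830b7586c:::
bob:1002:aad3b435b51404eeaad3b435b51404ee:0123456789abcdef0123456789abcdef:::
carol:1003:00112233445566ffaad3b435b51404ee:fedcba9876543210fedcba9876543210:::
guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
"""

if __name__ == "__main__":
    for e in parse_pwdump(SAMPLE):
        print("%-6s halves to crack: %-40s %s" % (e.user, lm_halves(e), describe(e)))
```

    Running it shows that only alice needs two lookups, carol needs one, and bob's account cannot be attacked through the LanManager hash at all, exactly the situations behind questions 5 and 8.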
  9. Is there something special about Windows passwords that makes them easier to crack?

    The two password hashes used on Windows systems, the LanManager hash and the NT hash, both use no random input (no salt). The hash of a given password is therefore the same on every machine. Because we know in advance what the hashes will look like, we can precompute all of them and store some of them in our tables. Other password systems (e.g. Unix crypt) add a random value, called a salt, to each hash calculation. Since we do not know that value in advance, we cannot build the tables, unless we build a set of tables for every possible salt value (4096 for the traditional Unix crypt).
  10. What is the difference between the figures in the paper and the demo (why is the demo faster)?

    The experiment reported in the paper uses the basic method, with so-called rainbow tables. The demo uses a more advanced version called perfect rainbow tables. Both versions are described in the paper. In perfect rainbow tables we throw away merging chains: we end up with a more compact set of tables (0.95 GB versus 1.4 GB), but we have to do more precomputation to compensate for the chains that are discarded. Finally, the experiment in the paper was run on a laptop with a 2 GHz Pentium 4 and 500 MB of RAM, whereas the demo runs on an AMD Athlon XP 2500+ with 1.5 GB of DDR 333 RAM.
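    The toy implementation below is an added illustration of the ideas in questions 9 and 10; it is not LASEC's code or tables, and it uses nothing from the real cracker. Everything is scaled down: the keyspace is the 1296 four-character strings over a six-letter alphabet, MD5 stands in for the unsalted LM/NT hashes, and chains are 16 steps long. It shows the three points the answers make: an unsalted hash can be precomputed once and looked up on any machine, a column-dependent reduction function is what makes a table a rainbow table, and a perfect table is obtained by discarding every chain whose endpoint is already stored, which shrinks the table at the cost of computing more chains.

```python
"""Toy rainbow-table time-memory trade-off (added illustration for questions 9
and 10; not LASEC's code or tables).  The keyspace, hash and chain length are
all scaled down so the whole thing runs in a second."""
import hashlib
import random

ALPHABET = "abcdef"
LENGTH = 4
N = len(ALPHABET) ** LENGTH   # 1296 keys
T = 16                        # chain length: columns 0 .. T-1 hold covered keys

def index_to_key(i):
    """Map an integer in [0, N) to a key string."""
    chars = []
    for _ in range(LENGTH):
        i, r = divmod(i, len(ALPHABET))
        chars.append(ALPHABET[r])
    return "".join(chars)

def H(key):
    """Unsalted hash: the same on every machine, so it can be precomputed."""
    return hashlib.md5(key.encode()).digest()

def salted_H(salt, key):
    """What Unix-style salting does: the digest now depends on a value the
    attacker does not know when the tables are built."""
    return hashlib.md5(salt + key.encode()).digest()

def R(col, digest):
    """Reduction function hash -> key.  A rainbow table uses a different
    reduction per column (here the column number is mixed in), so two chains
    that collide in different columns do not merge."""
    return index_to_key((int.from_bytes(digest[:8], "big") + col) % N)

def chain_end(start):
    """Walk one chain: k0 -H-> R0 -> k1 -H-> R1 -> ... -> k_T (the endpoint)."""
    key = start
    for col in range(T):
        key = R(col, H(key))
    return key

def build_table(m, seed=0, perfect=True):
    """Precompute m chains but keep only (start, end) pairs: that is the memory
    side of the trade-off.  With perfect=True a chain whose endpoint is already
    stored is thrown away, since it merged with a stored chain and mostly
    duplicates keys already covered; the table gets smaller, and extra chains
    must be computed to make up for the discarded ones."""
    rng = random.Random(seed)
    table = {}          # endpoint -> list of start points
    merged = 0
    for _ in range(m):
        start = index_to_key(rng.randrange(N))
        end = chain_end(start)
        if end in table:
            merged += 1
            if perfect:
                continue
        table.setdefault(end, []).append(start)
    return table, merged

def crack(table, target):
    """Look up an unsalted hash.  Assume it sits in column j, finish the chain
    from there, and check whether the resulting endpoint is stored; if so,
    regenerate that chain from its start point and verify the candidate."""
    for j in range(T - 1, -1, -1):
        key = R(j, target)
        for col in range(j + 1, T):
            key = R(col, H(key))
        for start in table.get(key, ()):
            cand = start
            for col in range(j):
                cand = R(col, H(cand))
            if H(cand) == target:
                return cand
            # otherwise a false alarm: the endpoint was reached through a merge
    return None

def coverage(table):
    """Fraction of the whole keyspace the table can recover."""
    hits = sum(1 for i in range(N) if crack(table, H(index_to_key(i))) is not None)
    return hits / N

if __name__ == "__main__":
    table, merged = build_table(300)
    print("stored chains:", len(table), "merging chains discarded:", merged)
    print("coverage: %.1f%%" % (100 * coverage(table)))
    print("crack(H('cafe')) ->", crack(table, H("cafe")))
    print("same password, salted hash ->", crack(table, salted_H(b"\x07", "cafe")))
```

    The last line of the demo run is the salt argument of question 9 in miniature: the table built for H is useless against salted_H, and covering every salt would mean one such table per salt value. Coverage with 300 chains is deliberately not 100%, which is the probabilistic flavour behind questions 4 and 7.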
  11. I want a copy of your code!

    We have decided not to release LASEC's original code and tables for now. However, Claude and Luca (the students who created this demo) would be more than happy to implement a new version as a job.
  12. So, what is so special about your work?

    We have taken a classical time-memory trade-off method that had not been improved in twenty years and made it twelve times faster (and better still: more regular and easier to analyze). We are all excited about this, but we don't know about you. We had to test our method on a real-world example, so we chose Windows passwords. To our knowledge we are the first to have applied a time-memory trade-off to password cracking, resulting in a cracker that does in seconds what the best commercial crackers do in hours. Although this sounds more spectacular, anybody could have used the original time-memory trade-off to implement a cracker that cracks passwords in minutes, if not seconds.
  13. In which language was the cracker programmed?

    The answer is easy: C, because it is one of the fastest programming languages!
  14. Where can I learn more about this cracking system?

    Contact us by e-mail at ntcrack@epfl.ch and/or read the paper.


This project was carried out by several students under the supervision of Philippe Oechslin.

Credits (by time-line):
  • Maxime Mueller: implementation of the original trade-off by Martin Hellman.
  • Philippe Oechslin: optimized implementation of the original trade-off, development of a much faster trade-off algorithm (rainbow tables), implementation of rainbow tables.
  • Claude Hochreutiner, Luca Wullschleger: Implementation of perfect rainbow tables and arbitrary character sets, precalculation of perfect rainbow tables for alphanumerical hashes and extended hashes (alphanumerical plus 16 characters), implementation of the web interface.

EPFL / I&C / LASEC
CH-1015 Lausanne
SWITZERLAND

Tel. +41 21 693 7603
Fax. +41 21 693 6870

 

Copyright (c) 2003 LASEC. All rights reserved.