Password Representation

Question 1

Passwords are stored in these two formats in Windows

Answer 1

LANMAN and NTLM

Question 2

NT, 2000,XP, 2003 use this hash

Answer 2

LANMAN

Question 3

Windows Vista and later use this hash

Answer 3

NTLM

Question 4

Windows hashes are stored locally where

Answer 4

SAM database

Question 5

Domain Controllers store hashes where

Answer 5

ntds.dit

Question 6

LANMAN hashes max character limit

Answer 6

14 characters

Question 7

if LANMAN hash is < 14 characters it does what

Answer 7

fixed padding it with null byte

Question 8

LANMAN converts password to what

Answer 8

upper case

Question 9

LANMAN split the password into

Answer 9

two 7 bit halves

Question 10

whats the weakest part of LANMAN hashes

Answer 10

splitting into two 7 character pieces easier to crack

Question 11

LANMAN uses each 7 bit piece and how does it encrypt it

Answer 11

use each piece as a DES key to encrypt a constant with one round of DES. fixed constant hard coded into LANMAN algorithm then concatenates each piece

Question 12

Is there ever an 13 character LAN man password

Answer 12

No its a 7 character password and and 6 character other password. attack each sides independently

Question 13

NT Hash is how many characters long

Answer 13

256

Question 14

NT Hash is not split up and requires only one round of

Answer 14

MD4

Question 15

LANMAN and NT Hashes are not salted T or F

Answer 15

True

Question 16

When authenticating over the network what is used

Answer 16

Challenge responses:
LANMAN Challenge/Response
NTLM v1
NTLM v2
Kerberos

Question 17

LANMAN Hash Challenge response -
Client sends authentication request with username in __________
Server sends a pseudo random challenge request to client
Client takes users hash to transform mathematically the challenge into a response

Answer 17

cleartext

Question 18

Client forms response for from challenge padding to ___ bytes and splits into ___ ___byte pieces

Answer 18

21
3
7

Question 19

In NTLMv2 the client uses the NT hash as a key in the

Answer 19

HMAC-MD5 to hash the username and domain name

Question 20

In NTLMv2 uses the result of the username and domain name hashed is used as a key in another round of HMAC-MD5 this time with it applied to

Answer 20

server challenge
timestamp
client challenge in pseudo random fashion
which produces the NTLMv2 response and client challenge

Question 21

Modern Linux/Unix MD5-based Password schemes
use any length password and a ______. These are hashed together using the _____ algorithm. The result is then hashed with the original password and _____ for thousand iterations mixing orders of result, password, and ______. stored in /etc/shadow or /etc/password preceded with ____ and a _____ with another $.

Answer 21

salt
MD5
salt
salt
$1$
salt,

Question 22

Traditional DES-based scheme - users password is truncated to __ characters. Then bit is removed from each character to make them 7 bit ASCII representations, yielding ___ bits.
Result is used as a DES key to encrypt a constant block of ___ bits all set to ___. A salt is to create an interim result then the ___ bit DES key is perturbed by the ____ for ____ times.

Answer 22

8
56
64
0
56
salt
25