legal contact rss
 

windows hashes facts

LM

  • Build out of max. 14 characters of the all upercased password.
  • Devided into two 7 byte chunks.
  • Both chunks are DES encrypted and stored.
  • Default in all Windows versions prior of MS Vista

NTLM

  • Takes the original PW (max 127 bytes) and hashes it with MD4

NTLMv2

as NTLM but:

  • uses a client challenge in the computation
  • includes timestamps -> immune to replay attacks

Kerberos

  • Only used if NETBIOS or DNS names is used to connect
  • provides authentication for servers and clients
  • <2008 uses RC4
  • >2008 uses AES