Results 1 to 1 of 1
I remember when windows used LM hashs for safe guarding the passwords in the SAM file. Basically it used two 7 byte words with the DES old algorithm. This had ...
- 09-30-2011 #1Just Joined!
- Join Date
- Apr 2011
- Posts
- 87
windows syskey?
I remember when windows used LM hashs for safe guarding the passwords in the SAM file. Basically it used two 7 byte words with the DES old algorithm. This had alot of weakness's and could be password cracked in no time by computers of today.
Then microsoft started to use NTLM hashs to store the password which was an improvement but still suffered from rainbow attacks.
So microsoft next step /current state was to use syskey to encrypt the SAM file so even if somebody stole the same file they would have no way of reading the hashed passwords.
What I am wondering is where is the syskey encrypting/decrypting key stored? I know the syskey encryption algorithm uses RC4 , MD4 to encrypt SAM but if the key itself is not protected then this defeats the purpose of encryption.
Is the syskey key stored like a linux shadow password file only accessable to the admin? Even so what would happen if somebody booted with a live cd could they steal the syskey like they can do with the SAM file under the config directory?
Never mind I found a link saying it obscures the boot-key (aka syskey in 4 different register key's which need to be put thru the rc4 algorithm...etc)Last edited by sam111; 10-01-2011 at 01:14 AM.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
