Author: Darren Miller Article source: http://computers.articlesarchive.net/. Used with author's permission.
I Challenge You To Crack The Code
-------------------------------------
I had quite an interesting experience recently. I was hired
by a company to perform a vulnerability assessment and
penetration test on their network. During the initial
meeting, one of the key technical staff presented me with a
challenge: he handed over the NTLM hash of the domain
Administrator account and challenged me to decipher it.
He explained that the complexity and length of the password
would prevent me from deciphering it during the time allotted
for the project. He was actually quite confident in my
impending failure.
In most cases, this individual would have been right on the
mark. On the other hand, I'm not sure he expected to
challenge someone who has close associates with discretionary
time on some of the most powerful computers in the world.
6 Hours, 2 Servers, 64GB of Memory, and 32 Processors Later
and.....
------------------------------------
It took just under six hours to decipher the password. Of
course, my 'associates' were using a program of my choice
on servers with 32 processors and 64GB of RAM apiece.
It's nice to have friends with access like this.
Especially in my line of work. Needless to say, my client
was shocked when I called him the next day and gave him
the password.
Let's Have Some Fun: A Challenge For You
----------------------------------------------
(In order for you to do this, you need to go to:
http://www.defendingthenet.com/NewsLetters/CrackTheCode-ThatsADirectChallenge.htm)
Shortly after this experience, I started thinking about
writing an article about it. Then I thought to myself,
why write just an article? Why not come up with a challenge
for our readers?
Hidden in this article is information that will ultimately
provide you with a phrase that has been encrypted. You will
need to know a few pieces of general information such as,
where to find the hash in this article,
how to extract the hash from the article, what the password
is that will reveal the hash, and what type of hash is being
used! Still with me on this? You will need to do all this
before you can start cracking the encrypted phrase.
First, you need to find the hashed phrase located in this
article. I'll give you a hint; I recently wrote an article
about hiding messages in files. This article can be found
on the Defending The Net Newsletter Archive. It is also in
the www.CastleCops.com archive. Oh, and once you find where
the hash is you will need a password to extract it. This one
I am going to give away. The password to extract the hash
is 'letmein' (without the ' ' of course).
Then, you will need a tool that can easily handle
deciphering of the hash once you extract it from this
article. There are quite a few out there that will do the
job; however, I highly recommend using pnva naq noyr i2.69,
a publicly available security tool that no self-respecting
security engineer should be without. You will also need to
know the type of hashing algorithm that was used. I decided
to use zrffntr qvtrfg svir because it is relatively
well-known. (Try saying that 13 times real fast!)
Conclusion
----------------
The first person to successfully unravel this riddle and
e-mail me at riddle@paralogic.net with the deciphered phrase,
along with a detailed description of how they accomplished
the task, will receive a 512MB, USB2.0 Jump Drive. As soon
as we receive this information we will post it on the main
page of www.defendingthenet.com.
About The Author
----------------
Darren Miller is an Information Security Consultant with
over sixteen years' experience. He has written many
technology & security articles, some of which have been
published in nationally circulated magazines & periodicals.
If you would like to contact Darren you can e-mail him at
Darren.Miller@ParaLogic.Net