I just found a major bug in my dictionary based rainbow table program. The MD4 hashing algorithm I was using for NTLM, (though thank god not MSCACHE), passwords does not work for passwords over 14 characters long. I discovered this when attempting to build a table to crack strong, (16+ character) passwords. I'm kicking myself because this limitation was documented in the actual code. The fix is easy enough, (if > 14 then use old hashing algorithm), but going back it really messed up some of my older ntlm tables, (aka the old tables were generated using incorrect hashes for 15+ characters, so if I start hashing them correctly the old tables break). Normally at this point I would just change the version number of my new tables, (I tried to build some future proofing into my setup), but this also explains why my program was crashing on some other computers I was testing it on. Aka, on my development desktop it would just give garbage for those long passwords, while on my mac it give a full on seg fault.
I guess what I'm trying to say is A) I'm frantically trying to rebuild my NTLM tables before shmoocon, and B) You really need to read ALL the comments ;)
The plus is that my MSCasche, MD5, and some of my older NTLM (keyboard combo), tables are still good, and combined with what I can create after hyjacking a couple of my coworker's computer, I should still have a fairly good selection to release at Shmoocon.
Regin: Another Military-Grade Malware
9 hours ago