Windows authentication process

Update_2020_01_16

Introduction to NTLM:

NTLM is used in Windows NT and Windows 2000 Server (or later) workgroup environments (Kerberos is used in domain mode). In an AD domain environment, NTLM must still be used when a Windows NT system needs to be authenticated. Compared with Kerberos, the NTLM-based authentication process is much simpler. NTLM uses a challenge/response message exchange model.

NTLM authentication comes in two versions, NTLMv1 and NTLMv2. This covers the whole NTLM authentication process and the implementation of NTLM's EPA (Extended Protection for Authentication).

When logging in to Windows locally, the operating system uses the password entered by the user as a credential and verifies it against the password stored in the system. The stored password lives in %SystemRoot%\system32\config\sam.

When we log in, the system automatically reads the "password" from the SAM file and compares it with the "password" we entered. If they match, authentication succeeds.

The SAM file holds the credential information of all local users of the computer; it can be thought of as a database.

Note: Windows itself does not store plaintext passwords, only the hash of the password.


The relationship between NTLM Hash and NTLM:

In Windows, the password hash is now called the NTLM Hash; NTLM stands for "NT LAN Manager".

NTLM itself is a network authentication protocol, and its relationship with the NTLM Hash is that the NTLM network authentication protocol uses the NTLM Hash as its basic credential.

In other words, NTLM and NTLM Hash correspond to each other.

During local authentication, the password entered by the user is in fact converted into an NTLM Hash and compared with the NTLM Hash stored in the SAM.


The generation of NTLM Hash:

Assuming my password is admin, the operating system converts admin to hexadecimal, encodes it as Unicode, and then applies the MD4 hash algorithm. The hexadecimal of the result is the NTLM Hash.

admin (password) -> hex (hexadecimal encoding) = 61646d696e
61646d696e -> Unicode (Unicode encoding) = 610064006d0069006e00
610064006d0069006e00 -> MD4 (MD4 algorithm) = 209c6174da490caeb422f3fa5a7ae634 (NTLM Hash)

Local authentication process:

winlogon.exe -> Receive user input -> lsass.exe -> (Authentication)

First, after the user logs out, restarts, or locks the screen, the operating system runs winlogon.exe to display the login interface, i.e. the input box. After receiving the input, the password is handed to the lsass process. This process holds the plaintext password, converts it into an NTLM Hash, and compares that against the SAM database to authenticate.

Windows Logon Process (i.e. winlogon.exe): the Windows NT user logon program, used to manage user login and logout.

LSASS: a security mechanism of Microsoft Windows systems, responsible for local security and logon policy.


The relationship between LM Hash and NTLM:

Before the NTLM protocol came out, its predecessor was the LM (LAN Manager) protocol.

Difference: the encryption algorithm

Similarity: the authentication mechanism is the authentication process described above

At present most Windows versions authenticate with the NTLM protocol; the LM protocol has essentially been phased out and is covered here only for understanding.

Encryption of LM Hash:

1. Convert all lowercase letters to uppercase
   > 123ABC // fewer than 7 characters
2. Convert the password to hexadecimal and pad it to 14 bytes, filling the spare positions with 0x00
   > 3132334142430000000000000000
3. Split the password into two 7-byte blocks
   > 31323341424300 00000000000000 // hexadecimal
4. Convert each block into a bit stream; if it is shorter than 56 bits, pad with 0 on the left
   > 31323341424300 -> (to binary) 110001001100100011001101000001010000100100001100000000 -> (padded to 56 bits) 00110001001100100011001101000001010000100100001100000000
5. Split the bit stream into 8 groups of 7 bits and append a 0 to the end of each group, giving 8 bytes
   > 00110000 10011000 10001100 01101000 00010100 00010010 00001100 00000000
   The second block is all zeros, so its result is predictable: it is also all zeros.
6. Use each 8-byte value as a DES key to encrypt the string "KGS!@#$%" (0x4B47532140232425); each half gives an 8-byte result, written in hexadecimal
   > 30988C6814120C00 -> DES(30988C6814120C00) -> 48-D7-EB-91-2F-5E-69-7C
7. Since our password does not exceed 7 bytes, the second half is a fixed value:
   > AA-D3-B4-35-B5-14-04-EE
8. Concatenate the two DES results. This is the LM hash:
   > 48-D7-EB-91-2F-5E-69-7C-AA-D3-B4-35-B5-14-04-EE

Features and problems of LM Hash:

1. The password is not case sensitive.
2. The maximum password length is 14 bytes. In addition, if the password is no longer than 7 bytes, the last 8 bytes of the LM Hash are a fixed value.
3. The DES algorithm is not strong enough.

Tip: because of this LM Hash property, you can also tell from the hash alone whether a user's password is longer than 7 characters.


LM protocol

Early SMB transmitted plaintext passwords over the network. Later, the LAN Manager Challenge/Response authentication mechanism, LM for short, was introduced, but it was so simple that it could easily be cracked. Now there are NTLM and Kerberos.

LAN Manager Challenge/Response: the LAN Manager challenge/response verification mechanism, LM for short. This scheme is older and less secure than NTLM.

SMB communication: Client A accesses Server B through the LM authentication process

1. Assume the password on Server B is "WELCOME", and Server B has cached the LM-HASH of the password (the original password is never cached under any circumstances). Using the procedure above, we compute the LM-HASH of "WELCOME" as "c23413a8a1e7665faad3b435b51404ee".

2. Server B -- 8-byte Challenge --> Client A: Server B sends the 8-byte challenge "0001020304050607" to Client A.

3. Client A computes and caches the LM-HASH of the password it uses to access Server B from the plaintext (Client A caches the hash of the entered password and discards the original password; "the original password is never cached under any circumstances" is a basic security rule). The LM-HASH is then padded with five 0x00 bytes to give the 21-byte value "c23413a8a1e7665faad3b435b51404ee0000000000", which is split into three 7-byte groups:

| C23413A8A1E766 | 5FAAD3B435B514 | 04EE0000000000 |

Each 7-byte group is passed to the str_to_key() function, giving three 8-byte DESKEYs:

| C21A04748A0E9CCC | 5ED4B47642ACD428 | 0476800000000000 |

Each of the three DESKEYs is used to perform standard DES encryption of the 8-byte challenge "0001020304050607":

C21A04748A0E9CCC ---- standard DES encryption of 0001020304050607 --> CA1200723C41D577

5ED4B47642ACD428 ---- standard DES encryption of 0001020304050607 --> AB18C764C6DEF34F

0476800000000000 ---- standard DES encryption of 0001020304050607 --> A61BFA0671EA5FC8

Client A finally obtains the 24-byte value "CA1200723C41D577AB18C764C6DEF34FA61BFA0671EA5FC8" (this result is called the response).

Client A sends "CA1200723C41D577AB18C764C6DEF34FA61BFA0671EA5FC8" to Server B. Server B performs the same calculation using its own cached LM-HASH and compares the result with the response from A. If they match, authentication passes.

C = 8-byte server challenge
K1 | K2 | K3 = LM-Hash | 5-bytes-0
response = DES(K1, C) | DES(K2, C) | DES(K3, C)

In short: A holds the LM-HASH derived from its plaintext password. When A initiates a request to B, B returns an 8-byte challenge to A; A splits its padded LM-HASH into three 7-byte groups, DES-encrypts the challenge with each group, and sends the result to B. B performs the same operation with the challenge, the only difference being that B uses the LM-HASH cached on the server rather than anything received from A, which is what makes the check meaningful. The two results are compared: if they match, authentication passes, otherwise it fails.
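The key-derivation step of the LM exchange above, together with the "what an LM hash reveals" checks from the Features and problems section, as an added Python example (not code from the original article). The str_to_key() expansion is shown in full, since the text names the function but not what it does; the DES encryption itself is left to whichever DES library the reader has, so the example stops at the three DESKEY values. The audit helper uses the fixed empty-half value from the text, and the dumped hash line is the one from the end of the article.

```python
# DES("KGS!@#$%") under an all-zero 7-byte half; appears whenever a half of the password is empty.
LM_EMPTY_HALF = "aad3b435b51404ee"


def str_to_key(key7):
    """Expand a 7-byte block into the 8-byte DES key the text calls DESKEY: the 56 bits are
    read as eight 7-bit groups and each group is placed in the high 7 bits of a byte.
    DES ignores the low (parity) bit, and the text's key values leave it 0, so we do too."""
    if len(key7) != 7:
        raise ValueError("str_to_key expects exactly 7 bytes")
    n = int.from_bytes(key7, "big")
    return bytes((((n >> (49 - 7 * i)) & 0x7F) << 1) for i in range(8))


def lm_response_keys(lm_hash_hex):
    """LM-HASH || five 0x00 bytes (21 bytes) -> three 7-byte groups -> three DES keys (hex)."""
    padded = bytes.fromhex(lm_hash_hex) + b"\x00" * 5
    if len(padded) != 21:
        raise ValueError("an LM hash is 16 bytes")
    return [str_to_key(padded[i:i + 7]).hex().upper() for i in (0, 7, 14)]


def parse_hash_line(line):
    """Parse a dumped 'user:rid:LM:NT:::' line into a dict."""
    user, rid, lm, nt = line.strip().split(":")[:4]
    return {"user": user, "rid": int(rid), "lm": lm.lower(), "nt": nt.lower()}


def lm_hash_audit(lm_hash_hex):
    """What an LM hash leaks before any cracking: whether LM is absent or the password is empty,
    and whether the password is at most 7 characters (second half == the fixed value)."""
    h = lm_hash_hex.lower()
    first, second = h[:16], h[16:]
    return {
        "lm_absent_or_empty_password": first == LM_EMPTY_HALF and second == LM_EMPTY_HALF,
        "password_at_most_7_chars": second == LM_EMPTY_HALF and first != LM_EMPTY_HALF,
        "password_longer_than_7_chars": second != LM_EMPTY_HALF,
    }


if __name__ == "__main__":
    welcome = "c23413a8a1e7665faad3b435b51404ee"   # LM hash of "WELCOME" from the text
    print(lm_response_keys(welcome))               # the three DESKEY values shown in the text
    print(lm_hash_audit(welcome))                  # "WELCOME" is 7 characters: second half is fixed
    line = "test:1003:E52CAC67419A9A22664345140A852F61:67A54E1C9058FCA16498061B96863248:::"
    print(lm_hash_audit(parse_hash_line(line)["lm"]))
```

For a defender, lm_hash_audit() is the useful part: a second half equal to the fixed value on a live account means the password is short enough that the LM half brute-forces quickly, and a non-fixed LM hash on a modern system means LM hash storage has not been disabled.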


NTLM protocol:

NTLM is a network authentication protocol whose authentication mode is based on the challenge/response mechanism.

The authentication process of the NTLM protocol is divided into three steps:

1. Negotiation: mainly used to confirm the protocol version used by both sides (NTLMv1/NTLMv2).
2. Challenge: the stage where the Challenge/Response authentication mechanism operates. This section mainly discusses how this mechanism works.
3. Verification: checks the result after the challenge is complete; this is the last step of authentication.

The complete Challenge process:

1. The client sends a request carrying user information (the user name) to the server.

2. The server receives the request and generates a 16-bit random number called the Challenge. It encrypts the Challenge (16 random characters) with the NTLM Hash corresponding to the login user name to produce a Response and keeps it in memory (this Response can be called the Net NTLM Hash). After generating the Response, it sends the Challenge (16 random characters) to the client.

3. After receiving the Challenge, the client encrypts it with the NTLM Hash of the account being logged in, producing a Response, and sends the Response to the server.

The Response, i.e. the result of encrypting the Challenge with the NTLM Hash, is called the Net NTLM Hash in the network protocol.

Verification: after receiving the client's Response, the server compares the Responses computed on both sides. If they are equal, authentication passes.

Note:

1. The Challenge is a 16-byte random number generated by the server, and it is different for each authentication.

2. The Response takes the form of a Net-NTLM Hash, which is the result of the client's password hash encrypting the Challenge returned by the server.


Encryption methods of Net-NTLMv1 and Net-NTLMv2:

Net-NTLMv1:

1. The client sends a request to the server
2. After receiving the request, the server generates an 8-character Challenge and sends it back to the client
3. After receiving the Challenge, the client encrypts it with the logged-in user's password hash and sends the result to the server as the response
4. The server verifies the response

Net-NTLMv2:

1. The client sends a request to the server
2. After receiving the request, the server generates a 16-character Challenge and sends it back to the client
3. After receiving the Challenge, the client encrypts it with the logged-in user's password hash and sends the result to the server as the response
4. The server verifies the response

Summary:

For how Net-NTLMv1 can be exploited, see: https://xz.aliyun.com/t/2205

The two follow the same process, but the encryption algorithms differ, and Net-NTLMv1 is comparatively weak.
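The Challenge process and the Net-NTLMv2 steps above, carried through in Python as an added example (this is not code from the original article). It goes beyond the text in one respect: it spells out the Net-NTLMv2 computation as MS-NLMP defines it, HMAC-MD5 keyed by the NT hash over an 8-byte server challenge, rather than the generic "encrypt the challenge with the hash". The "temp" blob is simplified (assumption: no AV pairs); the user name, domain, challenges and timestamp are constructed sample values, and the NT hash is the "admin" hash from the text.

```python
import hashlib
import hmac
import os
import struct


def ntowf_v2(nt_hash_hex, user, domain):
    """NTOWFv2 = HMAC-MD5(key = NT hash, data = UPPER(user) || domain, UTF-16LE)."""
    return hmac.new(bytes.fromhex(nt_hash_hex),
                    (user.upper() + domain).encode("utf-16-le"), hashlib.md5).digest()


def build_temp(timestamp, client_challenge):
    """Simplified NTLMv2 'temp' blob (assumption: no AV pairs):
    RespType(1) HiRespType(1) Z(6) Time(8) ClientChallenge(8) Z(4) [AvPairs] Z(4)."""
    return (b"\x01\x01" + b"\x00" * 6 + struct.pack("<Q", timestamp)
            + client_challenge + b"\x00" * 4 + b"\x00" * 4)


def ntlmv2_response(nt_hash_hex, user, domain, server_challenge, client_challenge, timestamp):
    """Client side: NTProofStr = HMAC-MD5(NTOWFv2, ServerChallenge || temp); the response
    sent on the wire is NTProofStr || temp. The password itself never leaves the client."""
    temp = build_temp(timestamp, client_challenge)
    key = ntowf_v2(nt_hash_hex, user, domain)
    proof = hmac.new(key, server_challenge + temp, hashlib.md5).digest()
    return proof + temp


def verify_ntlmv2(stored_nt_hash_hex, user, domain, server_challenge, response):
    """Server side: recompute the proof from the stored NT hash and the challenge it issued,
    then compare in constant time. A response to any other challenge must fail."""
    if len(response) < 16 + 8:
        return False
    proof, temp = response[:16], response[16:]
    key = ntowf_v2(stored_nt_hash_hex, user, domain)
    expected = hmac.new(key, server_challenge + temp, hashlib.md5).digest()
    return hmac.compare_digest(proof, expected)


def new_server_challenge():
    """A fresh 8-byte ServerChallenge per authentication (the MS-NLMP size)."""
    return os.urandom(8)


def demo():
    """One exchange with constructed values; returns (genuine accepted, replay rejected)."""
    nt_hash = "209c6174da490caeb422f3fa5a7ae634"     # NTLM hash of "admin" from the text
    user, domain = "admin", "EXAMPLE"               # constructed names
    challenge = bytes.fromhex("0001020304050607")   # constructed; a real server calls new_server_challenge()
    client_nonce = bytes.fromhex("a1a2a3a4a5a6a7a8")
    ts = 132223104000000000                         # constructed FILETIME-style timestamp
    resp = ntlmv2_response(nt_hash, user, domain, challenge, client_nonce, ts)
    accepted = verify_ntlmv2(nt_hash, user, domain, challenge, resp)
    # the same response presented against a different challenge (a replay) must be rejected
    replayed = verify_ntlmv2(nt_hash, user, domain, bytes.fromhex("0706050403020100"), resp)
    return accepted, replayed


if __name__ == "__main__":
    print(demo())
```

Two things the code makes concrete that the prose leaves implicit: the server only ever needs the stored NT hash, never the password, to verify; and because the proof binds the server's challenge, a captured response is only valid for the one challenge it was computed against, which is why the challenge must be freshly random for every authentication.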

Tip: because of the LM Hash property that the last 8 bytes are a fixed value when the password is at most 7 characters, the LM Hash also reveals whether the user's password is longer than 7 characters: if the second half is the fixed value, the password is 7 characters or fewer; if it is not, the password is longer.

Tip: since Windows Vista/Server 2008, Net-NTLMv1 is disabled by default and Net-NTLMv2 is used.

Following on from the three points above: when the password exceeds 14 characters, NTLM encryption is used instead. Example of a dumped hash line:

test:1003:E52CAC67419A9A22664345140A852F61:67A54E1C9058FCA16498061B96863248:::

The first part is the LM Hash and the second part is the NTLM Hash. When the LM Hash is AAD3B435B51404EEAAD3B435B51404EE, it means the password is empty or the LM Hash is not used.

Hashes are generally stored in two places:

1. The SAM file on the machine, for local users
2. The NTDS.DIT file on the domain controller, for domain users

Source: blog.csdn.net/weixin_45682070/article/details/107738058