Jesper's Blog

Obligatory file photo: I am a Senior Security Strategist in the Security Technology Unit at Microsoft. My job is to explain to our customers how to run Microsoft products securely, and to the extent that it is needed, help the product groups figu

Blogs

How LMCompatibilityLevel really works

  • Comments 5
  • Likes

A while ago I once again got frustrated by LMCompatibilityLevel and the amount of confusion that is out there about it. There was also an intriguing thing in the SAMBA documentation that they (incorrectly) called "NTLM2 Session Response" that needed figured out. The results are in the latest issue of TechNet Magazine.

One additional thing deserves mention. Roger Grimes contacted me after he saw the article and asked why the Cain tool shows an MD4 hash and an NT hash, when I claim the NT hash is actually an MD4 hash. He then proceeded to answer his own question because I couldn't think of why. What Cain calls an MD4 hash appears to be an MD4 hash of the entire string, including the NULL terminator. The NT hash that is used in Windows is, as I mention somewhat obscurely in the article, a hash of the Unicode password string (in fact, it is even called the UnicodePwd in Active Directory, as I pointed out in the book among other places), but it does not include the NULL terminator. It just never occurred to me that Cain might display an MD4 hash that does. Thanks Roger for figuring that out.

Comments
  • Finally an accurate and definitive description of LMCompatibilityLevel and NTLMv2 Session Security from a trusted Microsoft source!

  • Ever the burden of the network developer, and particularly the crypto network developer, to get agreement between sender and recipient as to what the binary representation of an object is.  You have no idea (but can probably guess) how often this sort of error pops up in badly written software to poorly documented standards, as people disagree on padding, termination, delimiters, size counts, and connection durations.
    A good protocol document would define these terms explicitly.

  • Someone reminded me the other day that I should revisit this just to emphasise that this is not "Microsoft screwing up the standards".
    MD4 hashes are hashes of binary data, not strings, and as such, there is nothing to state whether or not a terminating NULL should be included, prior to calculating the hash.
    Microsoft has a renewed interest in standards and interoperability, which can only be a good thing.

  • PingBack from http://www.secure-software-engineering.com/2008/03/02/how-lmcompatibilitylevel-really-works/

  • PingBack from http://www.petri.co.il/save-your-exchange-password-in-microsoft-outlook-2003-or-2007.htm

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment