J-Security Center

Title: NT Syskey Reused Keystream Vulnerability

Severity: HIGH

Description:

The Syskey utility was included in Service Pack 3 as a means of protecting the SAM database from off-line brute-force attacks. With the previous encryption, it was possible to crack the passwords of a remote machine if a copy of its encrypted SAM database could be obtained, and several publicly available tools can do this. Syskey added a further layer of encryption to the database, with the goal of making the computation required to crack it too time-consuming to be feasible.

Syskey creates a unique RC4 keystream for each user by incorporating the user's RID, but it uses that same keystream to encrypt both the LMHash and the NTHash of the user's password (after some obfuscation of the hashes), as well as the hashes of their previous two passwords (stored in the Password History part of their SAM entry). Because the same keystream is reused across these values, it can be cancelled out entirely and removed from the formula.

If the final, Syskey-encrypted hashes of the password are XORed together, the result is the same as the XOR of the hashes prior to encryption, since the identical keystream cancels. Therefore, if a candidate password is hashed via the regular NT process and then obfuscated in the same way, the two candidate hashes can be XORed and compared against the XOR of the Syskey-encrypted hashes to determine whether the candidate password is correct, without ever knowing the Syskey keystream.

Also, even the user-dependent portion of the algorithm can be defeated, making it possible to test all passwords of 7 characters or fewer simultaneously, and even to precompute hash lists that are valid on any machine. This is because, for passwords of 7 characters or fewer, the second half of the LMHash is known in advance; XORing it with the previous XOR result yields the second half of the NTHash, which can then be compared directly against the hashed words in a dictionary file.
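To make the keystream-reuse argument above concrete, the following is an added Python model written for this page; it is not Microsoft's code nor material from the original advisory. A toy RC4 keystream derived from a constructed per-user key (standing in for the RID-dependent Syskey key) encrypts two 16-byte hash values; the XOR of the two ciphertexts equals the XOR of the two plaintexts, so a candidate pair can be verified, and a known half recovers the unknown half, without the key ever being involved. All keys and hash values are constructed sample data.

```python
def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4 (key scheduling + PRGA); only used here to model the reused keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    while len(out) < length:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def syskey_like_encrypt(user_key: bytes, lm_hash: bytes, nt_hash: bytes):
    """Models the flaw: ONE 16-byte keystream per user, applied to BOTH hashes."""
    ks = rc4_keystream(user_key, 16)
    return xor_bytes(lm_hash, ks), xor_bytes(nt_hash, ks)


def candidate_matches(enc_lm: bytes, enc_nt: bytes, cand_lm: bytes, cand_nt: bytes) -> bool:
    """The check the advisory describes: C1 ^ C2 == P1 ^ P2 holds iff the candidate
    plaintext pair is the real one, and the keystream never appears in the comparison."""
    return xor_bytes(enc_lm, enc_nt) == xor_bytes(cand_lm, cand_nt)


def recover_other_half(enc_lm: bytes, enc_nt: bytes, known_lm: bytes) -> bytes:
    """If one plaintext is known, the other falls out: P2 = C1 ^ C2 ^ P1."""
    return xor_bytes(xor_bytes(enc_lm, enc_nt), known_lm)


# Constructed sample values (not real hashes); the key stands in for the per-RID Syskey key.
SAMPLE_KEY = b"constructed-user-key-rid-1000"
SAMPLE_LM = bytes(range(0x10, 0x20))
SAMPLE_NT = bytes(range(0xA0, 0xB0))

if __name__ == "__main__":
    c_lm, c_nt = syskey_like_encrypt(SAMPLE_KEY, SAMPLE_LM, SAMPLE_NT)
    print("pair verified without key:", candidate_matches(c_lm, c_nt, SAMPLE_LM, SAMPLE_NT))
    print("recovered NT half equals original:", recover_other_half(c_lm, c_nt, SAMPLE_LM) == SAMPLE_NT)
```

Using a fresh keystream (or a non-reused key) for each value is exactly what makes `candidate_matches` stop working, which is why a stream cipher keystream must never be shared across two ciphertexts.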

Affected Products:

  • Microsoft Windows NT 4.0
  • Microsoft Windows NT 4.0 SP1
  • Microsoft Windows NT 4.0 SP2
  • Microsoft Windows NT 4.0 SP3
  • Microsoft Windows NT 4.0 SP4
  • Microsoft Windows NT 4.0 SP5
  • Microsoft Windows NT 4.0 SP6
  • Microsoft Windows NT Enterprise Server 4.0
  • Microsoft Windows NT Enterprise Server 4.0 SP1
  • Microsoft Windows NT Enterprise Server 4.0 SP2
  • Microsoft Windows NT Enterprise Server 4.0 SP3
  • Microsoft Windows NT Enterprise Server 4.0 SP4
  • Microsoft Windows NT Enterprise Server 4.0 SP5
  • Microsoft Windows NT Enterprise Server 4.0 SP6
  • Microsoft Windows NT Server 4.0
  • Microsoft Windows NT Server 4.0 SP1
  • Microsoft Windows NT Server 4.0 SP2
  • Microsoft Windows NT Server 4.0 SP3
  • Microsoft Windows NT Server 4.0 SP4
  • Microsoft Windows NT Server 4.0 SP5
  • Microsoft Windows NT Server 4.0 SP6
  • Microsoft Windows NT Terminal Server 4.0
  • Microsoft Windows NT Terminal Server 4.0 SP1
  • Microsoft Windows NT Terminal Server 4.0 SP2
  • Microsoft Windows NT Terminal Server 4.0 SP3
  • Microsoft Windows NT Terminal Server 4.0 SP4
  • Microsoft Windows NT Terminal Server 4.0 SP5
  • Microsoft Windows NT Terminal Server 4.0 SP6
  • Microsoft Windows NT Workstation 4.0
  • Microsoft Windows NT Workstation 4.0 SP1
  • Microsoft Windows NT Workstation 4.0 SP2
  • Microsoft Windows NT Workstation 4.0 SP3
  • Microsoft Windows NT Workstation 4.0 SP4
  • Microsoft Windows NT Workstation 4.0 SP5
  • Microsoft Windows NT Workstation 4.0 SP6
