Whats the full story with Netware passwords?
A Novell proprietary algorithm takes the password, and produces a 16 byte hash. This algorithm is the same for versions 3.x and 4.x of Netware. The algorithm is also inside the LOGIN.EXE file used by the client when logging in. The details of the algorithm itself can be found in the CRYPT.TXT file included with Pandora (see Pandora for details). The 16 byte hash is stored within the bindery files in Netware 3.x and NDS in Netware 4.x. Since the object ID is used in the algorithm, it adds the equivalent of a salt. This along with the fact that the password length plays into the algorithm increases the overhead in cracking multiple passwords at once. Fortunately for the cracker, both the object ID and the password length are stored with the hash, along with that fact that lower case letters are converted to upper case before generating the hash does simplify the process slightly. Password crackers can brute force a little easier since they can eliminate trying lower case letters and conc