Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 6 Sep 2012 09:12:25 +0200
From: Camille Mougey <commial@...il.com>
To: john-dev@...ts.openwall.com
Subject: New formats: KRB5-18 and KRB5-23

Hi,

I send you two new formats, named KRB5-18 and KRB5-23 and both tools :
krb5_util.patch and kdcdump2john.

The idea is as follows:
- On a KDC server, with the krb5_util patched tool, dump the unencrypted
database.
- With kdcdump2john, get relevant informations and create a hash list for
john
- The 2 formats corresponds to, respectively, aes256-cts-hmac-sha1-96 (the
recommended format) and arcfour-hmac (faster to crack)

That way, it is possible to get user passwords from the extended key used
by Kerberos during the authentication part.
I hope it will be useful.

Looking forward for your comments,
Regards,

Camille

[ CONTENT OF TYPE text/html SKIPPED ]

[ CONTENT OF TYPE application/x-gzip SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ