Date: Thu, 06 Sep 2012 21:25:05 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: New formats: KRB5-18 and KRB5-23

On 09/06/2012 09:12 AM, Camille Mougey wrote:
> I send you two new formats, named KRB5-18 and KRB5-23, and both tools:
> krb5_util.patch and kdcdump2john.

Thanks, this is now committed to git. Since it has a dependency on KRB5 
libs and headers, it is by default disabled but emits a notice when 
building, just like a couple of other formats.

> The idea is as follows:
> - On a KDC server, with the krb5_util patched tool, dump the unencrypted
> database.

I placed the README in the doc directory. I'm not sure I did the right 
thing, but I also placed the krb5-util patch there too. Maybe we should 
put it in unused/ with a notice in the readme.

> - With kdcdump2john, get relevant information and create a hash list for
> john
> - The 2 formats correspond to, respectively, aes256-cts-hmac-sha1-96 (the
> recommended format) and arcfour-hmac (faster to crack)

Yes, a lot... here's my benchmarks, non-OMP (i7 at 2.3):

Benchmarking: KRB5 aes256-cts-hmac-sha1-96 [32/64]... DONE
Raw:	151 c/s real, 151 c/s virtual

Benchmarking: KRB5 arcfour-hmac [32/64]... DONE
Raw:	3327K c/s real, 3327K c/s virtual

> Looking forward to your comments,

While they work like champs on Linux, both fail self-test on OSX, 
although there are no problems nor warnings when building. I'm not sure 
I'll be able to debug that soon, maybe you or someone else can.

magnum
