Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 16 Nov 2012 15:15:59 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: cracking passwords with a kerberos traffic dump

On Fri, Nov 16, 2012 at 3:29 AM, buawig <buawig@...il.com> wrote:
> given an complete traffic dump from a client authenticating to a
> kerberos server (classical windows domain setup) it should be possible
> to perform offline dictionary attacks, right?
>
> Does john support that kind of attack?
> Is it limited to specific kerberos encryption types? (DES only?)
>
> I suppose tgtsnarf (which comes with john) is not an option if the KDC
> requires PREAUTH.

Can you post some sample .pcap files? I can take a look.

-- 
Cheers,
Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.