Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sun, 18 Nov 2012 18:15:17 +0100
From: buawig <buawig@...il.com>
To: john-users@...ts.openwall.com
Subject: support for weak kerberos etypes

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

for kerberos setups that are vulnerable to etype downgrade attacks[1]
it would be great to have john support for a few weaker etypes that
require less cracking effort than etype 18 (aes256-cts-hmac-sha1-96).

The following etypes are supported by a default Windows 7 client:

etype 	| name
- ------------------------
1	| des-cbc-crc
3	| des-cbc-md5
24	| rc4-hmac-exp
- -135?	| rc4-hmac-old-exp*
23	| rc4-hmac 	(support available)
17	| aes128-cts-hmac-sha1-96
18	| aes256-cts-hmac-sha1-96 (support available)

WinXP (pcap file from [2]):
- -133?	| rc4-hmac-old*
- -128?	| rc4-md4*

from centos 6.3 (from Dhiru pcap file [3])
16	| des3-cbc-sha1

*) non-existing according to IANA, wireshark disector bug?

IANA list of etypes with references to RFCs:
https://www.iana.org/assignments/kerberos-parameters/kerberos-parameters.xml#kerberos-parameters-1

[1]
http://media.blackhat.com/bh-us-10/whitepapers/Stender_Engel_Hill/BlackHat-USA-2010-Stender-Engel-Hill-Attacking-Kerberos-Deployments-wp.pdf
[2]
http://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=view&target=krb-816.zip
[3] http://dl.dropbox.com/u/1522424/KerberosCaptures.tar.gz
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJQqRelAAoJEJeRHQyF0ukMtEoP/RJpYBuiFPOLm/Y6mxw/Gfkx
/zero+JKCBjCg3eVFgM3B5tHTbeNyTzsx0rO2k1PjcnNdJonj0B/VYVYryoTeNlV
SepxgYDrXeUXBeJ1gLgSHnajKvwhI6MFgZuxNStxMNsWV/0xY22ypugFC/b1zoQ2
dMaYhf2TjcdBnv2lSpSKZYxwM6cvy8eT7xab3LU9wghMUnNb2CABn/yc9THE7SXF
psIBPIkK5bW+Te40IAhPYrqG1WQ/FBMDe8jZMIMeiW2DqQuMT3zseuHnDzURK61Z
LdPHx8fl5gZCV7X3YHJFvlOL8Bqhvh6v9XtsVELjSYM6Rr91OLQ6wZYJDUOEhxMo
jCC4jDqbGeOgldyEvElvNfmwlrnAnInkDfATdicT46BjPQzZ8rPDoSRSr+OwAkkk
jRZ5ZalflCX0q9V7lHn0iuVZTHw1PHo+GLMjrG4knxn1Rlfhtvs4pSkruECNQe6R
KIscxsmrYSgVpEAJf3hTBrYyquadQFdoaZlJHhYjFGwZA3W1RznUqRpLUGEbmQ/P
ZpqgbNsGeNSdaTFSr13VXnSgLySbLZrrybRLGalX5hOLJWOdFMZLwo4rt4jpo5Cj
7VVmb9qzso2iqxoLKuqm62gZ8qn/w7pish09nlCFkHhRAlr5LEiCN8T7wVbTS4ru
yQ22CiQVJcjSjnQzjwEE
=C4Fy
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.