Date: Mon, 10 Dec 2012 01:30:38 +0100
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: support for weak kerberos etypes

On 6 Dec, 2012, at 13:08 , magnum <john.magnum@...hmail.com> wrote:
> On 6 Dec, 2012, at 12:53 , Dhiru Kholia <dhiru.kholia@...il.com> wrote:
>> On Thu, Dec 6, 2012 at 5:00 PM, magnum <john.magnum@...hmail.com> wrote:
>>> Also, etype 17 would be super-easy to add (provided the only difference is the AES) to our current krb5ng and krb5ng-opencl formats if someone provides a sample pcap. It won't be any faster than etype 18 though. As far as I can read krbng2john.py, it would need to be modified to support this etype... would we also need to change the input format? Maybe add the etype as a separate field.
>> 
>> Yes, input format needs to be extended.
>> 
>> Do you plan to use a new file for implementing etype 17 using OpenCL?
> 
> Provided the only difference is AES-128 instead of AES-256 it can be the same file. It does not affect speed so there are no problems mixing them in one run.
> 
>> I will extend krb5-ng (CPU format) to support etype 17 soon.

Anyone using the new krb5-ng formats should pull. This has happened over the last few days:

- Input format changed. Any old file produced with krbng2john.py must be re-generated, or manually edited (trivial, just ask if you get stuck).
- krbng2john.py was renamed to krbpa2john.py and now outputs lines for any etype.
- The new formats were renamed from krb5ng[-opencl] to krb5pa-sha[-opencl] and both now support etype 17 as well as etype 18. Some bugs were fixed too.
- The old mskrb5 format (really etype 23) was renamed to krb5pa-md5. It can now read the output from krbpa2john.py (the old format is supported too, but is deprecated).

My assumption that etype 17 is not any faster than etype 18 has been confirmed. It's the same pbkdf2-hmac-sha1 dictating the (lack of) speed. For downgrade attacks you should try to get etype 23, which is a whole lot faster. I will implement that too in OpenCL, but it will be limited by transfer speeds (will likely perform very similarly to ntlmv2-opencl).

magnum
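
The PBKDF2-HMAC-SHA1 stage that etypes 17 and 18 share, per RFC 3962, shown as an added example that is not part of the original message or of John the Ripper's code. The function names are hypothetical and the realm, user and password are constructed sample values; the final AES-based DK step of the string-to-key function is left out because the Python standard library has no AES.

```python
import hashlib

# RFC 3962 key sizes for the two AES etypes named in the message.
KEY_BYTES = {17: 16,   # aes128-cts-hmac-sha1-96
             18: 32}   # aes256-cts-hmac-sha1-96
DEFAULT_ITERATIONS = 4096  # RFC 3962 default when no s2kparams are sent


def default_salt(realm: str, principal: str) -> bytes:
    """RFC 4120 default salt: the realm, then the principal's name
    components concatenated without separators."""
    return (realm + principal.replace("/", "")).encode("utf-8")


def pbkdf2_stage(password: str, salt: bytes, etype: int,
                 iterations: int = DEFAULT_ITERATIONS) -> bytes:
    """First stage of the RFC 3962 string-to-key function.

    The final key is DK(this_output, "kerberos"), a handful of AES block
    encryptions that are not performed here.
    """
    if etype not in KEY_BYTES:
        raise ValueError(f"etype {etype} does not use the RFC 3962 string-to-key")
    return hashlib.pbkdf2_hmac("sha1", password.encode("utf-8"), salt,
                               iterations, KEY_BYTES[etype])


def shared_prefix(password: str, realm: str, principal: str) -> bool:
    """True when the etype 17 output equals the first 16 bytes of the
    etype 18 output for the same password and salt."""
    salt = default_salt(realm, principal)
    k17 = pbkdf2_stage(password, salt, 17)
    k18 = pbkdf2_stage(password, salt, 18)
    return k18[:16] == k17


if __name__ == "__main__":
    # Constructed sample values, not taken from any real capture.
    salt = default_salt("EXAMPLE.COM", "alice")
    for etype in (17, 18):
        print(etype, pbkdf2_stage("correct horse", salt, etype).hex())
    print("shared prefix:", shared_prefix("correct horse", "EXAMPLE.COM", "alice"))
```

Etype 23 is rejected by `pbkdf2_stage` because its key is not derived through this salted, iterated stage.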
