Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 27 Jun 2014 07:32:52 -0400
From: "Richard B. Tilley" <brad@....us>
To: john-users@...ts.openwall.com
Subject: Junos Pulse VPN Client (Saved Passwords)

Hello John Users,

I was wondering if any John users or devs has ever examined Junos Pulse VPN client passwords. Specifically, the ones that are stored when a user saves the VPN connection settings. On Windows machines, the password seems to be stored in the registry. When there are multiple different connection types (full v split tunnel, etc) that have been save then there are multiple registry entries. Here is a sample path:

[HKEY_CURRENT_USER\Software\Juniper Networks\Junos Pulse\User Data\ive:2eed21ed-ab06-4244-a8f6-12fa59b838a1\Password1]

This is a REG_BINARY type. I can edit it (remove or change a byte) and the VPN connection will fail, place it back and it works again. They seem to be encrypted somehow. So I was curious if anyone on the list may have figured this format out and used John to crack them? 

Thanks,

Brad

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.