Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 26 Nov 2012 10:26:15 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-dev@...ts.openwall.com
Subject: Cracking MongoDB hashes with JtR

Hi,

Based on https://github.com/cyberpunkych/attacking_mongodb, I have
written a JtR format to crack both MongoDB system as well as sniffed
network hashes.

✗ ../run/john -fo:mongodb -t # Atom N270 CPU
Benchmarking: MongoDB system / network MD5 [32/32]... DONE
Raw:	813341 c/s real, 821556 c/s virtual

I have written Ettercap plug-in to output sniffed MongoDB hashes in
JtR compatible format (the original parser sucks, hope mine works).
Link: https://github.com/kholia/ettercap/tree/MongoDB

In addition, the following Ettercap plug-in allows fixed salt MiTM
attacks to be carried out against MongoDB authentication protocol.

https://github.com/kholia/ettercap/tree/MongoDB-MiTM

-- 
Cheers,
Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.