Date: Mon, 26 Nov 2012 10:26:15 +0530 From: Dhiru Kholia <dhiru.kholia@...il.com> To: john-dev@...ts.openwall.com Subject: Cracking MongoDB hashes with JtR Hi, Based on https://github.com/cyberpunkych/attacking_mongodb, I have written a JtR format to crack both MongoDB system as well as sniffed network hashes. ✗ ../run/john -fo:mongodb -t # Atom N270 CPU Benchmarking: MongoDB system / network MD5 [32/32]... DONE Raw: 813341 c/s real, 821556 c/s virtual I have written Ettercap plug-in to output sniffed MongoDB hashes in JtR compatible format (the original parser sucks, hope mine works). Link: https://github.com/kholia/ettercap/tree/MongoDB In addition, the following Ettercap plug-in allows fixed salt MiTM attacks to be carried out against MongoDB authentication protocol. https://github.com/kholia/ettercap/tree/MongoDB-MiTM -- Cheers, Dhiru
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.