Date: Tue, 27 Nov 2012 13:01:30 +0400 From: Solar Designer <solar@...nwall.com> To: john-dev@...ts.openwall.com Subject: Re: Cracking MongoDB hashes with JtR Hi Dhiru, On Mon, Nov 26, 2012 at 10:26:15AM +0530, Dhiru Kholia wrote: > Based on https://github.com/cyberpunkych/attacking_mongodb, I have > written a JtR format to crack both MongoDB system as well as sniffed > network hashes. Cool! I attended Mikhail's talk on attacking MongoDB at ZeroNights, and indeed I immediately thought that we ought to support cracking those challenge/responses. http://blog.ptsecurity.com/2012/11/attacking-mongodb.html > ??? ../run/john -fo:mongodb -t # Atom N270 CPU > Benchmarking: MongoDB system / network MD5 [32/32]... DONE > Raw: 813341 c/s real, 821556 c/s virtual > > I have written Ettercap plug-in to output sniffed MongoDB hashes in > JtR compatible format (the original parser sucks, hope mine works). > Link: https://github.com/kholia/ettercap/tree/MongoDB Does this have to be a custom JtR format? Can't we have the Ettercap plugin output lines usable with a dynamic format, perhaps it'd be one of the pre-defined dynamic formats even? It'd work a lot faster too (due to SSE2+ intrinsics, which I guess your code is not using). > In addition, the following Ettercap plug-in allows fixed salt MiTM > attacks to be carried out against MongoDB authentication protocol. > > https://github.com/kholia/ettercap/tree/MongoDB-MiTM Cool! Thanks, Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.