Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 7 Jul 2010 04:57:19 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: john the ripper for Kerberos Ticket

On Tue, Jul 06, 2010 at 10:18:11AM +0800, kristian wrote:
...
> 3. username : kampret/admin

Thanks for the info.  No known password?

You may get your info loaded by 1.7.6-jumbo-4 if you format the line as
follows:

kampret/admin:$krb5$kampret/admin$SKJK.COM$3082014ea003020105a10a1b08534b4a4b2e434f4da21d301ba003020100a11430121b066b72627467741b08534b4a4b2e434f4da382011a30820116a003020110a103020101a2820108048201043570e1216b6d2295328de7c120c418a1e4252f8255d85bb5dd4ff72205390578641d80d3de6accfadde721f840faa371b768a9e3dbea8be2e20b0cebf3d2f09e0655390bfc0796a352d5173f8f79696cd62782fb1731d707940f9ab548af13abab13b9eb08bc540e96a4f803c0681ccdbed686b75501fd43763f1d3d8ff01fd4f26752850af76245bf5b8a239d40532bc26762cf049bc51300b803f1de853ff54f707c8f77b7015858b4b045fa0fd0a39da71dca64ff31bd6baf8029a9535b090d810fc7dd7e5f61ec30267f89ae22decca102691bf1bcc3b99f14cc5a3ad70ef892decdaacc9b689913bd78ebc1380b5d97249cb482a8648673460322070e62fac0f1ac

and patch KRB5_fmt.c to specify TGT_SIZE 338.  Then JtR starts
processing this, but without a known password we have no idea whether it
actually does anything reasonable or not (probably not).

I briefly discussed this matter with the original author of the KRB5_*.c
code and he confirmed that the code is unlikely to work for most current
deployments.  Maybe he or someone else will submit a more up to date
implementation.  Meanwhile, this is unlikely to work.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.