Date: Wed, 8 Feb 2012 15:34:15 +0100 From: A BC <miaou.pbl@...il.com> To: john-users@...ts.openwall.com Subject: Re: DES - not "traditional DES-based" - (VNC hash) with JtR Hi On Wed, Feb 8, 2012 at 12:31 PM, Rich Rumble <richrumble@...il.com> wrote: > The passwords are part of the file names, case sensitive, in these cases > "openwall", "Password" and "pass1234" > My bad. I opened the archive but it didn't strike me... > Cain&Abel is able to sniff, extract and crack protocol 3.3 only, 3.7 and > 3.8 do seem to be different to that program for some reason. > (oxid.it) > My project is to crack the easiest hashes. The main difference between auth protocol 3.3 and 3.7+ is that 3.7+ supports lots of auth method, unlike 3.3, which supports either no auth, or DES challenge/response auth. You can force the client to use this method, even if the server runs 3.7 or 3.8. Here is a bunch of tests : http://pastebin.com/9gLBtp2Y The format in the file is : on each new line is a single test. hexdump of the challenge, ":", password, " ", hexdump of the response, "\t", base64 dump of the challenge, ":", password, " ", base64 dump of the response Miaou
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.