Date: Thu, 15 Nov 2012 22:59:49 +0100 From: buawig <buawig@...il.com> To: john-users@...ts.openwall.com Subject: cracking passwords with a kerberos traffic dump Hi, given an complete traffic dump from a client authenticating to a kerberos server (classical windows domain setup) it should be possible to perform offline dictionary attacks, right? Does john support that kind of attack? Is it limited to specific kerberos encryption types? (DES only?) I suppose tgtsnarf (which comes with john) is not an option if the KDC requires PREAUTH. Seaching for a solution I found only: http://www.openwall.com/lists/john-users/2010/06/21/1 thanks in advance.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.