Date: Fri, 16 Nov 2012 15:15:59 +0530 From: Dhiru Kholia <dhiru.kholia@...il.com> To: john-users@...ts.openwall.com Subject: Re: cracking passwords with a kerberos traffic dump On Fri, Nov 16, 2012 at 3:29 AM, buawig <buawig@...il.com> wrote: > given an complete traffic dump from a client authenticating to a > kerberos server (classical windows domain setup) it should be possible > to perform offline dictionary attacks, right? > > Does john support that kind of attack? > Is it limited to specific kerberos encryption types? (DES only?) > > I suppose tgtsnarf (which comes with john) is not an option if the KDC > requires PREAUTH. Can you post some sample .pcap files? I can take a look. -- Cheers, Dhiru
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.