Date: Sun, 18 Nov 2012 01:45:47 +0530 From: Dhiru Kholia <dhiru.kholia@...il.com> To: john-users@...ts.openwall.com Subject: Re: cracking passwords with a kerberos traffic dump / aes256-cts-hmac-sha1-96 (18) On Sun, Nov 18, 2012 at 1:14 AM, buawig <buawig@...il.com> wrote: > Unfortunately I was not able to crack a known password with it. > (although your test entry with password=openwall can be cracked) > > In my setup the username entered on the UI differs from the 'real' > username this can be seen in the kerberos.etype_info2.salt value which > shows the actual username + realm = salt (KRB5KDC_ERR_PREAUTH_REQUIRED > packet) - anyway I tried it with both versions. > > Could you publish a sample pcap file including the john input file based > on that pcap file? Sure. Use http://dl.dropbox.com/u/1522424/KerberosCaptures.tar.gz and see attached code. I will upload this to the wiki later on. -- Cheers, Dhiru View attachment "krb-ng_fmt_plug.c" of type "text/x-csrc" (14190 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.