Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 18 Nov 2012 02:33:38 +0530
From: Dhiru Kholia <>
Subject: Re: cracking passwords with a kerberos traffic dump /
 aes256-cts-hmac-sha1-96 (18)

On Sun, Nov 18, 2012 at 2:19 AM, buawig <> wrote:
>> Sure. Use and
>> see attached code.
> So my method to create john input files from pcap files matches yours..
> but does not crack.
> The only remaining idea I would have now..
> Could you try to use a 15+ char password and see if it still works?

This might be because the newer PBKDF2 code I have used has limits on
password length. I can revert to safer (but slower) version.

I will try cracking a 15+ char password soon.

> The password in my case is 15+ (maybe MS is using a different hash with
> length=15+ passwords? (...a shot in the blue)
> What setup do you have? Win7 client + Server 2003?

Both my Kerberos server and client are CentOS (Linux) 6.3 machines.

It would be great if you can post a pcap file for a dummy user.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.