Date: Sat, 17 Nov 2012 22:43:09 +0100 From: magnum <john.magnum@...hmail.com> To: john-users@...ts.openwall.com Subject: Re: cracking passwords with a kerberos traffic dump / aes256-cts-hmac-sha1-96 (18) On 17 Nov, 2012, at 13:22 , Dhiru Kholia <dhiru.kholia@...il.com> wrote: > On Sat, Nov 17, 2012 at 3:46 PM, magnum <john.magnum@...hmail.com> wrote: >> On 17 Nov, 2012, at 7:41 , Dhiru Kholia <dhiru.kholia@...il.com> wrote: >>> On Sat, Nov 17, 2012 at 4:43 AM, buawig <buawig@...il.com> wrote: >>>> Thank you for your help and numerous answers, looking forward to see >>>> krb5-18-traffic_fmt.c ;) >>> >>> I have implemented such a format (attached) with the help of code >>> posted on insidepro.com forum and by asking "ghudson" numerous >>> questions on #krbdev . However, it is super slow due to use of PBKDF2 >>> with 4096 iterations. >>> Lot of optimizations can be done (get rid of nfold operations, use >>> Lukas's PBKDF2 code, magnum's valid timestamp heuristics etc). I will >>> port this format to OpenCL soon. >> >> Cool. Be sure to use the PBKDF2 from current wpapsk-opencl as it uses a split kernel. > > magnum, > > I am thinking of working on the pcap parser and MiTM downgrade attack > first. I think leaving the OpenCL port to an expert (you!) is best. I'm really only good at triggering driver bugs :-( Is this a Micro$oft-specific format? If so, maybe it should be called mskrb5-18 or something like that. Does it use that known plaintext? magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.