Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 17 Nov 2012 22:43:09 +0100
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: cracking passwords with a kerberos traffic dump / aes256-cts-hmac-sha1-96 (18)

On 17 Nov, 2012, at 13:22 , Dhiru Kholia <dhiru.kholia@...il.com> wrote:
> On Sat, Nov 17, 2012 at 3:46 PM, magnum <john.magnum@...hmail.com> wrote:
>> On 17 Nov, 2012, at 7:41 , Dhiru Kholia <dhiru.kholia@...il.com> wrote:
>>> On Sat, Nov 17, 2012 at 4:43 AM, buawig <buawig@...il.com> wrote:
>>>> Thank you for your help and numerous answers, looking forward to see
>>>> krb5-18-traffic_fmt.c ;)
>>> 
>>> I have implemented such a format (attached) with the help of code
>>> posted on insidepro.com forum and by asking "ghudson" numerous
>>> questions on #krbdev . However, it is super slow due to use of PBKDF2
>>> with 4096 iterations.
>>> Lot of optimizations can be done (get rid of nfold operations, use
>>> Lukas's PBKDF2 code, magnum's valid timestamp heuristics etc). I will
>>> port this format to OpenCL soon.
>> 
>> Cool. Be sure to use the PBKDF2 from current wpapsk-opencl as it uses a split kernel.
> 
> magnum,
> 
> I am thinking of working on the pcap parser and MiTM downgrade attack
> first. I think leaving the OpenCL port to an expert (you!) is best.


I'm really only good at triggering driver bugs :-(

Is this a Micro$oft-specific format? If so, maybe it should be called mskrb5-18 or something like that. Does it use that known plaintext?

magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.