Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 22 Nov 2012 23:51:09 +0100
From: buawig <buawig@...il.com>
To: john-users@...ts.openwall.com
Subject: [kerberos] active etype downgrade attack (MitM)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi Dhiru,

[I created a new/separate thread]

>> I am thinking of working on the pcap parser and MiTM downgrade
>> attack first. I think leaving the OpenCL port to an expert (you!)
>> is best.
> 
> I can now do MiTM etype downgrade attack against latest MIT
> Kerberos successfully. I couldn't find any other software which
> does this, so I extended Ettercap to do so.

Nice to hear that! Do you plan to submit it for upstream inclusion?

When it comes to etype downgrade attacks I would be interested on how
fast cracking speed gets with the weakest etypes like 1 (des-cbc-crc)
or 3 (des-cbc-md5) in terms of c/s rates.
http://www.openwall.com/lists/john-users/2012/11/18/14

Did you do also some tests with salt manipulation?
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJQrqxdAAoJEJeRHQyF0ukMEHQP/i685Dt6ZWaYPnA52GJoYZJv
pOOWcDy1G/YkC2R1+wqSAh/jpAdIlcq/ts6+f8M4Q52rmHPgQGGQHQlrFBU2gMIN
Pt+n0hRZsoDS3rTTOGEonLpcY7wIGeK1bFC04D5GA+vPe1qBJTQQpVzDs+V9ZT+i
cdGMJlmDBn9S7dS0vaUHtQFO39XxZRYOsZrr6pQPl5/tBTjI+AsxAXWQLn+yz2jz
g73J9Q6+KiSQ1vn1ota0oX0zqaD2qvXftcVF5itjK9uEnB/13AQVDc45uygUiTFA
nljlr5g8bFlGijp2mlZPzZM3cGKl3Kr7lCiyZhmKBsW6YSeDEVNefE3XSGu/MZrN
iXCc3NJ+S6catTMKEWD1Z8gRwssrIiRLFQQbn+IWZPgxMJngN5aJoFsCBX3xStyZ
EOwvfSzcsqgoGLCv7beWdjG+ziCz3Vsnutvpjz5NligerAWNyIhkPgoBbizT3YBG
tji4JzfV/QvR1GxU/l2/AX3O8bz2Ohyo7pZJ7x8sw3yJMpqIjK1wMGyiIdLYFCxp
TqmW+v7rXM2EAwF4DlzD+8sg8+99N4Thwc9/INvtlpC5ngVQEnEVagnWum08IbDx
QGfGUly/Y6xMPVwapDovNm+rjbkXDt9CtYXZrprzzUTp0C/+/O6Tvi1UplNnWFhj
zl9498JQaQMiRiL9biLI
=vgG9
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.