Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 22 Nov 2012 20:27:21 +0530
From: Dhiru Kholia <>
Cc: buawig <>
Subject: Re: cracking passwords with a kerberos traffic dump /
 aes256-cts-hmac-sha1-96 (18)

On Sat, Nov 17, 2012 at 5:52 PM, Dhiru Kholia <> wrote:
> On Sat, Nov 17, 2012 at 3:46 PM, magnum <> wrote:
>> On 17 Nov, 2012, at 7:41 , Dhiru Kholia <> wrote:
>>> On Sat, Nov 17, 2012 at 4:43 AM, buawig <> wrote:
>>> I have implemented such a format (attached) with the help of code
>>> posted on forum and by asking "ghudson" numerous
>>> questions on #krbdev . However, it is super slow due to use of PBKDF2
>>> with 4096 iterations.
>>> Lot of optimizations can be done (get rid of nfold operations, use
>>> Lukas's PBKDF2 code, magnum's valid timestamp heuristics etc). I will
>>> port this format to OpenCL soon.
>> Cool. Be sure to use the PBKDF2 from current wpapsk-opencl as it uses a split kernel.
> I am thinking of working on the pcap parser and MiTM downgrade attack
> first. I think leaving the OpenCL port to an expert (you!) is best.

I can now do MiTM etype downgrade attack against latest MIT Kerberos
successfully. I couldn't find any other software which does this, so I
extended Ettercap to do so.


Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.