Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 28 Dec 2018 16:35:20 +0530
From: Dhiru Kholia <>
Subject: Re: Break a virtual drive

On Fri, Dec 28, 2018 at 3:06 AM magnum <> wrote:
> > A general question we may discuss is whether we should possibly bundle
> > password reset tools and such along wth JtR (and then their discussion
> > would become on-topic here), or keep JtR as a password cracker only.
> That is an interesting question: We have things like that
> tries to de-obfuscate obfuscated passwords for cracking actual hashes.
> That's a grey zone. Personally I'd be fine with including scripts (in
> Jumbo) to de-obfuscate anything. I agree it's off-scope but it's also a
> password seed issue, and as such it's totally viable.

I am in favor of including such scripts in general.

Some time back, I snuck in a tutorial to de-obfuscate Kerio Connect "hashes".

Also, commercial tools like Passware already include functionality on
similar lines. E.g. Passware can grab disk encryption keys from
memory. Ideally, I would similar scripts/tools to be included and
maintained in Volatility
( but I haven't
looker deeper into this stuff yet.


Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.