Date: Fri, 25 Jun 2010 01:38:32 +0400
From: Solar Designer <>
Subject: Re: john the ripper for Kerberos Ticket

On Fri, Jun 25, 2010 at 04:55:33AM +0800, kristian wrote:
> I think the cipher text string I put in the file is different from the example in the KRB5_fmt.c file, I got it in the AS_REP packet from Wireshark. They're different in length, I see

The length difference might be OK - after some Googling, I think the TGT
is not of fixed length (but rather the length may differ across software
versions and deployments).  It's just that KRB5_fmt.c only supports what
the author of that code had seen.

For us to proceed further, please post:

1. A TGT hex-string like the one you had posted (or state that the same
one applies for the below if that's the case).

2. The corresponding realm name.

3. The corresponding username.

4. The corresponding password.

Please make sure that you're not placing any account at risk by
revealing that info - e.g., change the password before posting.

With all of this info, assuming that it's reliable, we will have much
better chances of revising the code to make it generic enough to work
for your TGTs.

> I use the FreeBSD operating system, which installs (almost all) software by ports,

Let's keep FreeBSD ports out of the picture.  For the purpose of this
discussion, that's just an extra way for things to go wrong.

I'll assume that you're downloading clean JtR 1.7.6 and the jumbo patch
as distributed by Openwall, applying the patch as described on the wiki,
and building with "make clean freebsd-x86-sse2" or "make clean
freebsd-x86-64" as appropriate for your system (chances are that one of
these two is right).

> # make clean generic

This should work as well, but it's slower.

> It looks like it successfully installed, but when I run "./john" I got this error message:
> fopen: /usr/local/share/john/john.ini: No such file or directory

This indicates that you're still using something from the "port", but
not the entire "port".  Please don't use anything from the "port" when
you build JtR on your own.

> Segmentation fault: 11 (core dumped)
> Just like before I posted my question to this mailing list

You had never mentioned the segfault before.  You should have.  Anyhow,
I discovered a bug in KRB5_fmt.c that would lead to a segfault with your
improperly-formatted input file line (the way you had posted it).  The
patches I posted earlier today fix this bug (and more).

> This error looks like a memory problem in FreeBSD

If it's what I think it is, then it is not FreeBSD-specific.  Just a bug
in this rarely-used piece of code in the jumbo patch; moreover, the bug
would not manifest itself with correct input, which is yet another reason
why it remained unnoticed so far.

Once again, please post the 1-2-3-4 items I requested above.  Anything
else is unlikely to get us very far.  I'd be happy to get this code
working fully, but we need a test sample, really.

> --- Pada Jum, 25/6/10, Solar Designer <> menulis:

Please quote just the relevant context (but do quote it!), not the
entire message you're replying to.  Please refer to:


