Message-ID: <AANLkTikrUA7mwrDHzZObG-w475AvoSsNpxCEHRTRQ9gB@mail.gmail.com>
Date: Tue, 8 Mar 2011 14:59:30 -0500
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: how to crack kerberos5 passwords?

Sorry to write again so soon, perhaps you wanted to
dump your database and crack the hashes inside?
http://web.mit.edu/kerberos/krb5-1.5/krb5-1.5.4/doc/krb5-admin/Dumping-a-Kerberos-Database-to-a-File.html#Dumping-a-Kerberos-Database-to-a-File
I'm not sure how MIT stores the hashes and (fingers crossed)
the salts, but I bet you can get at them by doing the above.
I believe, from reading the documentation, that the users'
passwords are made into keys using the master key.
So you'd probably have to tell JtR the master key so it
could try to encrypt wordlists etc. using the master
key to find matches of the user's key.
http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html#keysalt
> In Kerberos 4, a salt was never used. The password was
> the only input to the one-way hash function. This has a
> serious disadvantage; if a user happens to use the same
> password in two Kerberos realms, a key compromise in one
> realm would result in a key compromise in the other realm.

Doesn't look like krb4 was salted, just a DES hash? I hope
this helps. I also hope someone else writes to set me straight :)
-rich
