Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAFsct-Yaa4iamX=-WbJusQJ4=o9X5-3056RCaugcXrJCM6xOpw@mail.gmail.com>
Date: Wed, 8 Feb 2012 15:34:15 +0100
From: A BC <miaou.pbl@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: DES - not "traditional DES-based" - (VNC hash) with JtR

Hi

On Wed, Feb 8, 2012 at 12:31 PM, Rich Rumble <richrumble@...il.com> wrote:

> The passwords are part of the file names, case sensitive, in these cases
> "openwall", "Password" and "pass1234"
>

My bad. I opened the  archive but it didn't strike me...



> Cain&Abel is able to sniff, extract and crack protocol 3.3 only, 3.7 and
> 3.8 do seem to be different to that program for some reason.
> (oxid.it)
>

My project is to crack the easiest hashes. The main difference between auth
protocol 3.3 and 3.7+ is that 3.7+ supports lots of auth method, unlike
3.3, which supports either no auth, or DES challenge/response auth. You can
force the client to use this method, even if the server runs 3.7 or 3.8.


Here is a bunch of tests : http://pastebin.com/9gLBtp2Y
The format in the file is : on each new line is a single test.
hexdump of the challenge, ":", password, " ", hexdump of the response,
"\t", base64 dump of the challenge, ":", password, " ", base64 dump of the
response


Miaou

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.