Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CANO7a6zXHH5_F8Hnf5B49eEaMFNML6QTES3_Rweoi_krtiU+Rg@mail.gmail.com>
Date: Sun, 18 Nov 2012 01:45:47 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: cracking passwords with a kerberos traffic dump /
 aes256-cts-hmac-sha1-96 (18)

On Sun, Nov 18, 2012 at 1:14 AM, buawig <buawig@...il.com> wrote:
> Unfortunately I was not able to crack a known password with it.
> (although your test entry with password=openwall can be cracked)
>
> In my setup the username entered on the UI differs from the 'real'
> username this can be seen in the kerberos.etype_info2.salt value which
> shows the actual username + realm = salt (KRB5KDC_ERR_PREAUTH_REQUIRED
> packet) - anyway I tried it with both versions.
>
> Could you publish a sample pcap file including the john input file based
> on that pcap file?

Sure. Use http://dl.dropbox.com/u/1522424/KerberosCaptures.tar.gz and
see attached code.

I will upload this to the wiki later on.

-- 
Cheers,
Dhiru

View attachment "krb-ng_fmt_plug.c" of type "text/x-csrc" (14190 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.