Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CANO7a6yNbJbdehBAWroKkC7e_tZQKpAH4rryf7FyT2kQVO9hwg@mail.gmail.com>
Date: Sun, 18 Nov 2012 02:33:38 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: cracking passwords with a kerberos traffic dump /
 aes256-cts-hmac-sha1-96 (18)

On Sun, Nov 18, 2012 at 2:19 AM, buawig <buawig@...il.com> wrote:
>> Sure. Use http://dl.dropbox.com/u/1522424/KerberosCaptures.tar.gz and
>> see attached code.
>
> So my method to create john input files from pcap files matches yours..
> but does not crack.
>
> The only remaining idea I would have now..
> Could you try to use a 15+ char password and see if it still works?

This might be because the newer PBKDF2 code I have used has limits on
password length. I can revert to safer (but slower) version.

I will try cracking a 15+ char password soon.

> The password in my case is 15+ (maybe MS is using a different hash with
> length=15+ passwords? (...a shot in the blue)
> What setup do you have? Win7 client + Server 2003?

Both my Kerberos server and client are CentOS (Linux) 6.3 machines.

It would be great if you can post a pcap file for a dummy user.

-- 
Cheers,
Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.