Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CANO7a6yki25GJuwjCB4kmBp++6ThcQaQG9BR405a9fBbXKYAmQ@mail.gmail.com>
Date: Sun, 18 Nov 2012 12:33:44 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: cracking passwords with a kerberos traffic dump /
 aes256-cts-hmac-sha1-96 (18)

On Sun, Nov 18, 2012 at 6:34 AM, magnum <john.magnum@...hmail.com> wrote:
> On 17 Nov, 2012, at 22:03 , Dhiru Kholia <dhiru.kholia@...il.com> wrote:
>>> The password in my case is 15+ (maybe MS is using a different hash with
>>> length=15+ passwords? (...a shot in the blue)
>>> What setup do you have? Win7 client + Server 2003?
>>
>> Both my Kerberos server and client are CentOS (Linux) 6.3 machines.
>
> As in standard Kerberos?

Yes. I have tested my plug-in only on standard Kerberos data.

> OTOH your test vector do have that known plaintext timestamp. That is interesting. Does that mean the plaintext attack can be used against non-Microsoft authentications as well?

I am not sure if this attack can be used against M$ AD implementation.
I will do testing (and debugging) on M$ AD soon.

-- 
Cheers,
Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.