john-users - Cracking HSRP MD5 authentication "hashes"

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [thread-next>] [day] [month] [year] [list]

Message-ID: <alpine.DEB.2.11.1409020933450.11092@roameo.localdomain>
Date: Tue, 2 Sep 2014 09:47:43 +0200 (CEST)
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-users@...ts.openwall.com
Subject: Cracking HSRP MD5 authentication "hashes"

Hi,

I have added support for cracking HSRP MD5 authentication "hashes" to
JtR-jumbo (in the bleeding-jumbo branch), which you can get from the
following URL,

https://github.com/magnumripper/JohnTheRipper

$ python ../run/hsrp2john.py HSRP-auth-md5-openwall.pcap > hsrp-hashes

$ ../run/john hsrp-hashes -w=wordlist
Loaded 5 password hashes with 5 different salts (hsrp, HSRP MD5 ...)
openwall         (?)
...

$ OMP_NUM_THREADS=2 ../run/john --format=hsrp --test  # i7-4750HQ
Will run 2 OpenMP threads
Benchmarking: hsrp, HSRP MD5 authentication [MD5 32/64]...
Many salts:	5240K c/s real, 2620K c/s virtual
Only one salt:	4503K c/s real, 2263K c/s virtual

Sample .pcap files are available on the https://github.com/kholia/my-pcaps
page. This repository also documents the reversing process for fun.

Dhiru

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.