[15970] in Kerberos_V5_Development


Re: Question about FAST

daemon@ATHENA.MIT.EDU (Henry B. Hotz)
Thu Jul 8 16:14:29 2010

Mime-Version: 1.0 (Apple Message framework v1081)
From: "Henry B. Hotz" <hotz@jpl.nasa.gov>
In-Reply-To: <232579.48360.qm@web76013.mail.sg1.yahoo.com>
Date: Thu, 8 Jul 2010 13:14:23 -0700
Message-Id: <AE1E5D0F-D270-4E1F-B691-F9CB5214FF69@jpl.nasa.gov>
To: kristian <x_astroboyz@yahoo.co.id>
Cc: "krbdev@mit.edu" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu

I've never run JtR myself.  Just talked to people who have.  It seems to be popular at AFS installations.

My impression was that it required a dump of the Kerberos database to operate.  Presumably the JtR documentation is the place to go (not me).

On Jul 8, 2010, at 12:08 PM, kristian wrote:

> 
> On 9/7/10, Henry B. Hotz <hotz@jpl.nasa.gov> wrote :
> 
> > John the Ripper supports single-DES keys, and I think it requires an AFS3 salt as well.
> > Neither of those is enabled by default in current installations.
> 
> They claim that JtR can decrypt the TGT of Kerberos V5, but where can I get the AS_REP hex string to be decrypted? Instead, the hex string of the ticket in the AS_REP always changes, and the code entered in JtR must be static, I think.
> So, any idea how to decrypt the AS_REP to get the ticket by performing an offline dictionary attack?

------------------------------------------------------
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu



