[15971] in Kerberos_V5_Development
Re: Question about FAST
daemon@ATHENA.MIT.EDU (Thomas Kula)
Thu Jul 8 16:24:01 2010
Date: Thu, 8 Jul 2010 16:23:58 -0400
From: Thomas Kula <kula@tproa.net>
To: krbdev@mit.edu
Message-ID: <20100708202358.GI27949@mcketrick.tproa.net>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <AE1E5D0F-D270-4E1F-B691-F9CB5214FF69@jpl.nasa.gov>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Thu, Jul 08, 2010 at 01:14:23PM -0700, Henry B. Hotz wrote:
> I've never run JtR myself. Just talked to people who have. It seems to be popular at AFS installations.
>
> My impression was that it required a dump of the kerberos database to operate. Presumably the JtR documentation is the place to go (not me).
>
We run JtR here at UMICH as part of an auditing process. It
does require a dump of the kerberos database, and we have a
perl script that takes the dump, looks for AFS3 salted
single-des keys and turns them into a format we can pass
into JtR.
I have no idea how you'd use a captured AS_REP going by
to do an offline dictionary attack with JtR, or even if
JtR is the most effective tool for attempting that.
--
Thomas L. Kula | kula@tproa.net | http://kula.tproa.net/
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev