A number of years ago one of the employees here at NCSA, Von Welch, wrote a conversion utility for Crack 5.0 which converts kerberos 5 keys to SPF format (krb52spf.c and mods to elcid.c). I have used it and it works very well. I can try to package these up if anyone is interested.
On Sun, Dec 01, 2002 at 04:03:47AM +0000, Paul Vixie wrote: > [EMAIL PROTECTED] (John Hascall) writes: > > > This is why good password choice is *critical*. If my password > > is "hello" then I will be cracked by this process in short > > order. If my password is "Op+f@1btsIstd" it is extremely unlikely > > this is one of the keys they have to try so I am safe. > > is there a "crack" module for kerberos? after reading the stanford paper > about how kerberos tickets could be attacked offline, i've been wanting to > actually try this -- no sniffing is required -- against my own kerberos db > to look for easy to guess passwords. probably distributed.net should run > this as a contest or something. but is there a kit available or would i > have to be a black hat to get my hands on software like that? > -- > Paul Vixie > ________________________________________________ > Kerberos mailing list [EMAIL PROTECTED] > http://mailman.mit.edu/mailman/listinfo/kerberos -- James J. Barlow <[EMAIL PROTECTED]> Senior System/Security Engineer National Center for Supercomputing Applications Voice : (217)244-6403 605 East Springfield Avenue Champaign, IL 61820 Cell : (217)840-0601 http://www.ncsa.uiuc.edu/~jbarlow Fax : (217)244-1987 ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos
