Re: NetScreen Password Hash

From: David Moore (dave@moorehome.co.uk)
Date: Tue Feb 05 2008 - 04:33:32 EST


Hi,

I read somewhere that netscreen inserts consonants of the word
'netscreen' backwards into the hash. Something like
..n...r..c..s..t...n.. I did check if this is correct on a 5GT and it
appears to be true. Removing these letters should leave a hash which is
crackable. I didn't go as far as cracking it but might work.
Hope this helps

Serdar Cetin wrote:
> Hey ;
>
> I am doing a penetration test and i managed to get the config file of
> netscreen 204 , i want to crack password so i can get Access to device (I
> got the admin manager ips) but i couldnt figure out the type of password
> hash , i have also searched the google nothing but old archive about same
> issue looks like a failure ! , is there any1 knows how to get around the
> password hash or a tool to crack the password hash of netscreen 204 config
> file , also I would like to know it its possible to sniff data over vpn , I
> mean I got a vpn(l2tp) connection to remote LAN and I want to use this
> connection to use sniff data on remote lan , any tools , paper would be
> great thnx.
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>
>
>

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:23 EDT