From: Marc Ruef (maru@scip.ch)
Date: Mon Sep 08 2003 - 07:23:03 EDT
Dear Mike,
Dear List,
> The netscreen definitely uuses a md5 hash on the configs. You can
> download a m5 brute force tool and let it run on the file.
Hmm, I can't acknowledge this statement.
If I start MDcrack v1.2 on my Windows box with the hash as parameter,
I'll get an error "A md5 digest must have 16 bytes length (32 ascii
digits from 0 to F)."
All my passwords have the following structure:
- All of them have a lenght of 30 chars
- All of them begin and end with an "n"
- The 2nd char is always capitalized
- The 7th char is always an "r"
- The 13th char is always an "c"
- The 18th char is always an "s"
- The 24th char is always an "t"
- The chars a-z, A-Z and a few special chars (e.g. + and /) are used
Following an statistic analysis of the charset:
a b c d e f g h i j k l m n
2 1 22 2 5 1 6 6 1 1 5 11 5 22
^^ ^^ ^^
o p q r s t u v w x y z
6 6 2 22 22 22 2 2 6 3 10 2
^^ ^^ ^^ ^^
It seems that the flagged chars own a special purpose.
A B C D E F G H I J K L M
12 4 8 16 3 18 19 7 18 7 11 15 6
N O P Q R S T U V W X Y Z
9 9 15 1 12 1 11 11 3 11 2 14 2
Yours,
Marc
---------------------------------------------------------------------------
FREE Trial!
New for security consultants and in-house pros: FOUNDSTONE PROFESSIONAL
and PROFESSIONAL TL software. Fast, reliable vulnerability assessment
technology powered by the award-winning FoundScan engine. Try it free for 21 days at: http://www.securityfocus.com/sponsor/Foundstone_pen-test_030825
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:39 EDT