RE: Cracking a Netscreen password

From: Ben Nagy (ben@iagu.net)
Date: Mon Sep 15 2003 - 14:19:21 EDT

• Next message: Stephen de Vries: "Port 58000"
• Previous message: Pera Mis: "Inquiry: packet crafting tools for encapsulated protocols?"
• In reply to: Chris Ess: "RE: Cracking a Netscreen password"
• Next in thread: Steve Goldsby (ICS): "RE: Cracking a Netscreen password"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Padding. 24 == 8 * 3 (byte boundaries)

If I echo something into openssl md5 then into openssl base64 I get 24
characters (last 2 always ==). It actually mentions this in the Digest::MD5
documentation....

This is fun.

ben

[...]
> The string appears to be base64 encoded. However, from the
> Digest::MD5
> man page: "A base64 digest will be 22 characters long."
>
> Even if you include the always-caps letters, you have 24 characters.

---------------------------------------------------------------------------
FREE Trial!
New for security consultants and in-house pros: FOUNDSTONE PROFESSIONAL
and PROFESSIONAL TL software. Fast, reliable vulnerability assessment
technology powered by the award-winning FoundScan engine. Try it free for 21 days at: http://www.securityfocus.com/sponsor/Foundstone_pen-test_030825
----------------------------------------------------------------------------

• Next message: Stephen de Vries: "Port 58000"
• Previous message: Pera Mis: "Inquiry: packet crafting tools for encapsulated protocols?"
• In reply to: Chris Ess: "RE: Cracking a Netscreen password"
• Next in thread: Steve Goldsby (ICS): "RE: Cracking a Netscreen password"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:40 EDT