Full Disclosure: Re: HOWTO: Crack Oracle Security like a peanut?

Re: HOWTO: Crack Oracle Security like a peanut?

From: Simon Marechal <simon_at_lab.b-care.net>
Date: Thu, 25 Aug 2005 13:22:11 +0200

Jeroen wrote:
> I can reproduce the things mentioned for user/pass-combinations sized 64
> bits. For larger combinations (> 64 bits ---> 2 or more 64 bits DES blocks)
> I can't figure out yet how things work. Have some of you guys 'n girls
> already played around with this description? And are you willing to share
> results?
>
> Thanks,
>
> Jeroen

AFAIK, it works this way:
* usernames and password are concatenated in a string s
* s is converted to unicode
* it is encrypted using des ncbc mode, with key 0x123456789abcdef, and
initialization vector 0
* the same string is encrypted again using the updated initialization
vector as a key, with another null initialization vector
* the updated initialization vector is the hash

Attached is the corresponding john plugin. It is somehow like the mscash
plugin in the sense that it uses usernames, that means it won't work
properly out of the box, manual tweaking is required. Bob the Butcher
will provide this cipher by default when it ships.

At least it is way better than those SQL password checking scripts.

Received on Aug 25 2005