Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: backorifice-info
From: Gorjan Petrovski <mogi57 () gmail com>
Date: Wed, 20 Apr 2011 17:23:26 +0200

On Wed, Apr 20, 2011 at 12:49 PM, Toni Ruottu <toni.ruottu () iki fi> wrote:
Are you planning to try all seed values? Would it make sense to
generate a table that has one password for each seed value, so you
could return that password to the user when you find the correct seed?

I'm still analyzing the resulting seed values from the encryption, and
I plan to try only those seeds that can be generated. I was also
thinking of optimizing the order in which the seeds are tried
according to most used passwords.
A password is only used to generate an initial seed. That's why I am
not going to return a fitting password for a successful seed, instead
I'll pass the seed itself as a script argument. The backorifice-info
script already accepts such an argument.

Gorjan Petrovski
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]