[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

database "password cracker"?



When we were using the AFS kaserver we had a tool which would parse the
Ubik database and attempt to match DES keys in it to a set of keys
generating by crypting passwords from a flat list or as generated by
rules. (It was a modified version of "Crack" and we distribute it)

We switched to a heimdal kdc. I'm in the position of needing this. I
assume no one else has already done it (If someone has, we don't have the
NIH problem). Basically I'm thinking in terms of taking a database dump
and comparing the same basic list to the v4-salted DES keys in the dump.
Dealing with keys that have a non-null-salt would be lots of extra work. I
may just modify the Crack we have to read keys from a dump, unless someone
else has a good idea.

Comments?