[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using John the Ripper with Heimdal

>How about posting the reference?  I can't find it, and it's not at all
>clear to me what the patch expects.  Also it seems only to deal with

I was curious about that as well.  AFAICT, it wants encrypted TGTs off
the wire (I'm not sure if it just wants the encrypted part, or the
whole thing); well, I guess technically a TGT itself isn't useful for
a password cracker, it probably wants an AS-REP.

This would be useful if you were an attacker and was sniffing the wire
for responses from the KDC.  It's not so useful if your an admin and
want to run it against an existing database.

Personally, I think running cracklib during password changes is a lot more
effective (you _do_ have a password changing policy, don't you? :-) ).