RE: FYI: FW: Cisco Secret 5 and John Password Cracker
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Sat, 5 Nov 2005 12:27:48 -0600
:-)
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> Sent: Saturday, November 05, 2005 11:53 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: FYI: FW: Cisco Secret 5 and John
> Password Cracker
>
> http://www.ISAserver.org
>
> Don't tell Tony...
> He'll start up about his
> blind-ip-spoofing-based-exch-isa-server-publishing-local-host-
> spam-attac
> k-and-a-bag-o-chips dissertation again...
>
> -----Original Message-----
> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> Sent: Saturday, November 05, 2005 9:41 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] FYI: FW: Cisco Secret 5 and John Password Cracker
>
> http://www.ISAserver.org
>
> Cain & Abel is a password recovery tool for Microsoft
> Operating Systems.
> It allows easy recovery of various kind of passwords by sniffing the
> network, cracking encrypted passwords using Dictionary,
> Brute-Force and
> Cryptanalysis attacks, recording VoIP conversations, decoding
> scrambled
> passwords, revealing password boxes, uncovering cached passwords and
> analyzing routing protocols.
>
> The program does not exploit any software
> vulnerabilities or bugs that could not be fixed with little effort. It
> covers some security aspects/weakness present in protocol's standards,
> authentication methods and caching mechanisms; its main purpose is the
> simplified recovery of passwords and credentials from various sources,
> however it also ships some "non standard" utilities for Microsoft
> Windows users.
>
> Cain & Abel has been developed in the hope that it will be useful for
> network administrators, teachers, security consultants/professionals,
> forensic staff, security software vendors, professional penetration
> tester and everyone else that plans to use it for ethical reasons. The
> author will not help or support any illegal activity done with this
> program. Be warned that there is the possibility that you will cause
> damages and/or loss of data using this software and that in no events
> shall the author be liable for such damages or loss of data. Please
> carefully read the License Agreement included in the program before
> using it.
>
> The latest version is faster and contains a lot of new
> features like APR
> (Arp Poison Routing) which enables sniffing on switched LANs and
> Man-in-the-Middle attacks. The sniffer in this version can
> also analyze
> encrypted protocols such as SSH-1 and HTTPS, and contains filters to
> capture credentials from a wide range of authentication
> mechanisms. The
> new version also ships routing protocols authentication monitors and
> routes extractors, dictionary and brute-force crackers for all common
> hashing algorithms and for several specific authentications,
> password/hash calculators, cryptanalysis attacks, password
> decoders and
> some not so common utilities related to network and system security.
>
> -----Original Message-----
> From: Unknown User [mailto:9nkn0wn@xxxxxxxxx]
> Sent: Thursday, November 03, 2005 10:27 AM
> To: pen-test@xxxxxxxxxxxxxxxxx
> Subject: Cisco Secret 5 and John Password Cracker
>
> Hi
>
> I have recovered some cisco passwords that are encrypted using the
> secret 5 format. They look like this
>
> $1$Wgqc$sbb8R/2rtOhc7t86J5axj.
>
> The question is can i simply plug this into a standard unix type
> shadow file format and use john to crack. I've tried this but I'm not
> convinced that John is actually working. Its also incrediblly slow.
> Any other tools available to crack these types of passwords.
>
> Thanks
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> All mail to and from this domain is GFI-scanned.
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
Other related posts:
