Fist0urs
Fist0urs
Hi guys, I've been discussing with @skelsec at offensivecon. I planned to reverse stuff to implement it (as I did for the RC4 part) but he told me that he...
@kholia, the input hash formats accepted for the 23 enctype are as follows: https://github.com/magnumripper/JohnTheRipper/blob/111527672ad0740e330eacf1be8bff23e2f92fa3/src/krb5_tgs_fmt_plug.c#L61-L67 Unfortunately 17/18 require the user + realm in order to create a salt, so we must...
I'll update the associated helpers tools yes! Actually I was thinking about removing my tool "kerberom" from the repo as it is pretty deprecated. Now impacket does the job really...
Ok, I've implemented it in hashcat (https://github.com/hashcat/hashcat/pull/1955) Next step is implementing here. Regarding the input format I adopted this: ``` $krb5tgs$17$user$realm$checksum$edata2 $krb5tgs$17$user$realm$*spn*$checksum$edata2 $krb5tgs$18$user$realm$checksum$edata2 $krb5tgs$18$user$realm$*spn*$checksum$edata2 ``` I enclosed user and realm...
Hi there! Sorry I've been really busy lately... I'll try to take a look in the upcoming month :)
Hi there, I have quickly read what you did and nice job @philsmd! I've implemented the stuff in both jtr and hashcat for DPAPI and there is also a DPAPImk2john...
Hi @hycday, Windows offers a way to "migrate" between profiles that use DPAPI. Unfortunately at some point you will always have to rely on the masterkeys (usually in C:\Users\\AppData\Roaming\Microsoft\Protect\\, )...
Done. We should probably update the current release version. Keeping this ticket open until done, in order to remember about it :p
> Update: Solution [#125](https://github.com/bootleg/ret-sync/issues/125) works! Hi. So if I understand correctly #125, you hooked `SetForegroundWindow `from `user32.dll` imported by IDA?