From: Mark Evans (Mark.Evans@Optimation.co.nz)
Date: Tue Sep 09 2003 - 22:36:47 EDT
as was pointed out to me off-list (thanks), the
username is (as per my subsequent discourse) the
apparent salt, notwithstanding my previous
assertion.
but given that it is in cleartext in the config
it doesn't help much.
cheers,
-- me > From: Mark Evans [mailto:Mark.Evans@Optimation.co.nz] > Subject: RE: Cracking a Netscreen password > > there is no apparent salt (or variation) in the hashing > the hash is a combo of both the name & password. --------------------------------------------------------------------------- FREE Trial! New for security consultants and in-house pros: FOUNDSTONE PROFESSIONAL and PROFESSIONAL TL software. Fast, reliable vulnerability assessment technology powered by the award-winning FoundScan engine. Try it free for 21 days at: http://www.securityfocus.com/sponsor/Foundstone_pen-test_030825 ----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:39 EDT