RE: Cracking a Netscreen password

From: Mark Evans (Mark.Evans@Optimation.co.nz)
Date: Wed Sep 10 2003 - 16:51:06 EDT


> From: Ben Nagy [mailto:ben@iagu.net]
> Subject: RE: Cracking a Netscreen password
>
> Do you get anything nice if you try known plaintext stuff?
> Try this kind of thing for user/pass combos: aaa aaa, bbb
> bbb, aaa aab, aaa bbb, bbb aaa....

presumably the output file (/tmp/ns-input) from
the following shell script then sent to the
netscreen via minicom or similar would achieve
this (assuming the output is captured):

for i in b c d e
do
 for j in b c d e
 do
   for k in b c d e
   do
     echo set admin user $i$j$k password $i$j$k >> /tmp/ns-input
     echo get conf \| inc privilege >> /tmp/ns-input
     echo unset admin user $i$j$k >> /tmp/ns-input
   done
 done
done

cheers,

-- 
me
---------------------------------------------------------------------------
FREE Trial!
New for security consultants and in-house pros: FOUNDSTONE PROFESSIONAL 
and PROFESSIONAL TL software. Fast, reliable vulnerability assessment 
technology powered by the award-winning FoundScan engine. Try it free for  21 days at: http://www.securityfocus.com/sponsor/Foundstone_pen-test_030825
----------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:39 EDT