Nmap Development mailing list archives
[NSE] domino-enum-passwords.nse patch
From: Martin Holst Swende <martin () swende se>
Date: Fri, 10 Dec 2010 11:02:45 +0100
Hi list, I used Patrik's great domino-script to retrieve the password hashes from a domino system. However, there was one glitch : lotus notes have two hash variants : one legacy unsalted 32-bytes format, and one newer 20-bytes salted version. When I tried to throw the list into John, john only detected the newer version. I modified the script to output two lists, one for each found hashtype. In the output, it also informs about the John-format to use for cracking the hashes. Also, I think the script should be renamed to http-domino-enum-passwords to align with other scripts. It is easy to miss that this script exists (unless you have Patrik in the same room so he can tell you about it ;) ), since it is not http-* and not default. Attaching the script and the diff. Regards, Martin
Attachment:
diff.txt
Description:
Attachment:
domino-enum-passwords.nse
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] domino-enum-passwords.nse patch Martin Holst Swende (Dec 10)
- Re: [NSE] domino-enum-passwords.nse patch Patrik Karlsson (Dec 10)
- Re: [NSE] domino-enum-passwords.nse patch David Fifield (Dec 12)
- Re: [NSE] domino-enum-passwords.nse patch Patrik Karlsson (Dec 15)
- Re: [NSE] domino-enum-passwords.nse patch David Fifield (Dec 12)
- Re: [NSE] domino-enum-passwords.nse patch Patrik Karlsson (Dec 10)