Penetration Testing mailing list archives
Re: [PEN-TEST] Brute Forcing MS-EFS
From: Clem Colman <clem () COLMANCOMM COM>
Date: Mon, 4 Dec 2000 15:06:18 +1100
-----Original Message----- From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]On Behalf Of Dug Song Sent: Monday, 4 December 2000 3:42 AM To: PEN-TEST () SECURITYFOCUS COM Subject: Re: [PEN-TEST] Brute Forcing MS-EFS
<snip>
brute forcing a 120-bit key in any reasonable amount of time is really an exercise in futility, unless a dictionary attack is possible. if this is the case, let me know, and perhaps i can hack something up quickly as an extension to John the Ripper... :-)
<snip> If the private key is stored on the machine, ie you can get at it, surely the fastest attack would be against the passphrase on the private key. Certainly much faster than going after even 56 bit DES. No doubt the passphrase will be something tricky (ie plain english word less than 9 characters in length). Cheers, Clem.
Current thread:
- [PEN-TEST] Brute Forcing MS-EFS Yonatan Bokovza (Dec 04)
- Re: [PEN-TEST] Brute Forcing MS-EFS Ryan Russell (Dec 04)
- Re: [PEN-TEST] Brute Forcing MS-EFS Dug Song (Dec 04)
- Re: [PEN-TEST] Brute Forcing MS-EFS Dug Song (Dec 04)
- Re: [PEN-TEST] Brute Forcing MS-EFS Clem Colman (Dec 05)
- <Possible follow-ups>
- Re: [PEN-TEST] Brute Forcing MS-EFS John Curran (Dec 05)
- Re: [PEN-TEST] Brute Forcing MS-EFS Ryan Russell (Dec 04)