Penetration Testing mailing list archives
Password Pen Test for CICS on AIX
From: Jason Brooks <jbrooks () longwood edu>
Date: Fri, 31 Oct 2003 16:32:45 -0500
Greetings,I am working for Longwood University's Information Security Department. We are planning to do some pen-testing on IBM's CICS system on AIX for password complexity, length, etc. I have been googling for a password cracker and general information on password storage in CICS. Having found nothing, I thought I would drop a line out to see if anyone on pen-test has any insight. My questions: 1) Where does IBM's CICS application store passwords? What is the format? 2) Is there a password cracker that can work against CICS, especially a password file, if it exists?
Thanks, Jason Brooks Jason Brooks Information Security Technician IITS 116 - B Coyner Longwood University 201 High Street Farmville, VA 23901 (434) 395-2796 --------------------------------------------------------------------------- Network with over 10,000 of the brightest minds in information security at the largest, most highly-anticipated industry event of the year. Don't miss RSA Conference 2004! Choose from over 200 class sessions and see demos from more than 250 industry vendors. If your job touches security, you need to be here. Learn more or register at http://www.securityfocus.com/sponsor/RSA_pen-test_031023 and use priority code SF4. ----------------------------------------------------------------------------
Current thread:
- Password Pen Test for CICS on AIX Jason Brooks (Oct 31)