Re: Netware 5.x rconsole password hash cracking

[Julien GROSJEAN - Proxiad <j.grosjean () proxiad com>]

Hy,

did you try with Cain&Abel ?

And about Pandora, i can read this :

Pandora v4.0 Beta 2.1. General features include:

    Netware *5* support for both offline and online programs.

Offline features:

     A true password auditing tool for Netware 4 and *5*.
     Importing and sorting of password data from different sources, 
including BACKUP.DS, BACKUP.NDS, and DSREPAIR.DIB files for Netware 4 
and *5*.

Cheers.

one () two com a écrit :
> Hi list,
>
> I have obtained the rconsole password hash for a Netware 5.6 rev 3 server, and was wondering whether anyone knows of a 
> tool, or algorthm, to reverse, crack or brute-force this type of password hash.
>
> I know that for Netware 4.x systems the rconsole password can be reversed using tools such as Pandora, but I could not 
> find anything for Netware 5.x systems.
>
> I have tried using Pandora to reverse the hash but it comes back with junk as the password, which is unlikely to be 
> correct.
>
> Thanks for your help.
>
> Cheers,
> One2
>
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security? 
> Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
> Choice Award from eWeek. As attacks through web applications continue to rise, 
> you need to proactively protect your applications from hackers. Cenzic has the 
> most comprehensive solutions to meet your application security penetration 
> testing and vulnerability management needs. You have an option to go with a 
> managed service (Cenzic ClickToSecure) or an enterprise software 
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
> help you: http://www.cenzic.com/news_events/wpappsec.php 
> And, now for a limited time we can do a FREE audit for you to confirm your 
> results from other product. Contact us at request () cenzic com for details.
> ------------------------------------------------------------------------------

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------