Re: NetScreen Password Hash

[David Moore <dave () moorehome co uk>]

Hi,

I read somewhere that netscreen inserts consonants of the word 
'netscreen' backwards into the hash. Something like 
..n...r..c..s..t...n.. I did check if this is correct on a 5GT and it 
appears to be true. Removing these letters should leave a hash which is 
crackable. I didn't go as far as cracking it but might work.
Hope this helps



Serdar Cetin wrote:
> Hey ;
>
> I am doing a penetration test and i managed to get the config file of
> netscreen 204 , i want to crack password so i can get Access to device (I
> got the admin manager ips) but i couldnt figure out the type of password
> hash , i have also searched the google nothing but old archive about same
> issue looks like a failure  ! , is there any1 knows how to get around the
> password hash or a tool to crack the password hash of netscreen 204 config
> file , also I would like to know it its possible to sniff data over vpn , I
> mean I got a vpn(l2tp) connection to remote LAN and I want to use this
> connection to use sniff data on remote lan , any tools , paper would be
> great thnx.
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>
>
>   

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------