Re: NetScreen Password Hash

["Tim Eberhard" <xmin0s () gmail com>]

The netscreens use MD5 hashes with the consonants of the word
NETSCREEN spelled backwords in the hash. All you need to do is remove
these and them brute force the MD5.

Here are some previous topics on this:

http://www.derkeiler.com/Mailing-Lists/securityfocus/pen-test/2003-09/0090.html
 http://seclists.org/pen-test/2006/Jan/0087.html

Tim Eberhard
JNCIS-FWV, JNCIS-M

On Jan 31, 2008 1:47 AM, Serdar Cetin <cetinserdar () e-kolay net> wrote:
> Hey ;
>
> I am doing a penetration test and i managed to get the config file of
> netscreen 204 , i want to crack password so i can get Access to device (I
> got the admin manager ips) but i couldnt figure out the type of password
> hash , i have also searched the google nothing but old archive about same
> issue looks like a failure  ! , is there any1 knows how to get around the
> password hash or a tool to crack the password hash of netscreen 204 config
> file , also I would like to know it its possible to sniff data over vpn , I
> mean I got a vpn(l2tp) connection to remote LAN and I want to use this
> connection to use sniff data on remote lan , any tools , paper would be
> great thnx.
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------