OMEN Improvements
“If I had an hour to solve a problem, I would spend 55 minutes thinking about the problem and five minutes finding the solution.”- Proverb falsely attributed to Albert EinsteinIntroduction:I'm a big fan of graphing password cracking sessions. It's a good way to figure out what's working and what isn't by ... Read More
OMEN Improvements
“If I had an hour to solve a problem, I would spend 55 minutes thinking about the problem and five minutes finding the solution.”- Proverb falsely attributed to Albert EinsteinIntroduction:I'm a big fan of graphing password cracking sessions. It's a good way to figure out what's working and what isn't by ... Read More
Analyzing Tokenizer Part 2: Omen + Tokenizer
“I have not failed. I've just found 10,000 ways that won't work”- Thomas EdisonIntroduction:This is a continuation of a deep dive into John the Ripper's new Tokenizer attack. Instruction on how to configure and run the original version of Tokenizer can be found [Here]. As a warning, those instructions need to ... Read More
Analyzing Tokenizer Part 2: Omen + Tokenizer
“I have not failed. I've just found 10,000 ways that won't work”- Thomas EdisonIntroduction:This is a continuation of a deep dive into John the Ripper's new Tokenizer attack. Instruction on how to configure and run the original version of Tokenizer can be found [Here]. As a warning, those instructions need to ... Read More
Analyzing JtR’s Tokenizer Attack (Round 1)
Introduction / Goals / Scope:This is a follow-up to my previous blog post looking at how to install/run the new John the Ripper Tokenizer attack [Link]. The focus of this post will be on performing a first pass analysis about how the Tokenizer attack actually performs.Before I dive into the ... Read More
Analyzing JtR’s Tokenizer Attack (Round 1)
Introduction / Goals / Scope:This is a follow-up to my previous blog post looking at how to install/run the new John the Ripper Tokenizer attack [Link]. The focus of this post will be on performing a first pass analysis about how the Tokenizer attack actually performs.Before I dive into the ... Read More
Running JtR’s Tokenizer Attack
Disclaimer 1: This blog post is on a new and still under development toolset in John the Ripper. Results depict the state of the toolset as-is and may not reflect changes made as the toolset evolves.Disclaimer 2: I really need to run some actual tests and password cracking sessions using ... Read More
Extracting Secrets from Packet Captures (A CMIYC2024 Story)
"Interest is the most important thing in life; happiness is temporary, but interest is continuous."- Georgia O'KeeffeIntroduction:The focus of this blog entry will be on tools and scripts to analyze packet captures. This is the result of falling down a rabbit hole when writing the previous tutorial on the CMIYC 2024 ... Read More
CMIYC2024: Wifi Cracking Challenge
"It is never too late to be who you might have been."- George ElliotIntroduction:This is a continuation of my write-up about this year's Crack Me If You Can challenges. You can view my previous two write-ups using the following links. Each one covered a specific challenge of the CMIYC contest: ... Read More
CMIYC 2024: RAdmin3 Challenge
"Nothing is more permanent than a temporary solution."- Russian ProverbIntroduction:This is a continuation of my write-up about this year's Crack Me If You Can challenge. You can view the previous entry focusing on the StripHash challenge [here]. Like the last write-up, this one is going to focus on one specific ... Read More
