Forum sécurite : limitation/bug with the dictionary function of EnableSecret

Jerry · Invité

Hi,
is there a limitation or a bug with the dictionary function?
the dictionary has 23000 lines with the matching entry. for example "cisco"

I've got a message that no password was found, but with the "-view 1" option the key is calculated.

EnableSecret -password $1$Wx4W$YXHLyWM.LhIt7V5J6neJ3/ -dictionnary 1 -file_name_dico 123.txt -view 1
...
cigar-$1$Wx4W$hNXD2nFAsabqgppAiIwbm/
cindy-$1$Wx4W$svX4pObl6oIzJn0tsrPKC/
cisco-$1$Wx4W$YXHLyWM.LhIt7V5J6neJ3/
class-$1$Wx4W$5DJkDM5eO9MBZNXrCTFhG.
classic-$1$Wx4W$FUAaOjd5/XLuvsrMy.weZ0
claudia-$1$Wx4W$dxCmpswTlyHNaTr4417ts0
client-$1$Wx4W$RBEFhoSo63zFnOz9dnrRi/
clientes-$1$Wx4W$iHxtqMrCB1j22unPk4gaJ.

Sorry, but the password was not found

But the calculated secret $1$Wx4W$YXHLyWM.LhIt7V5J6neJ3/ and the "-password $1$Wx4W$YXHLyWM.LhIt7V5J6neJ3/" are the same.

with a small dictionary with less than 300 lines the result is
Yes, the password was found. It's : cisco

Is it a bug, feature or my fault.
Has anyone suggestions to use the whole dictionary?

Best regards
Jerry

_sebf · Site Admin Inscrit le: 27 Oct 2006 Messages: 33

Lu Jerry,

I create a dictionnary with 30000 entries and I place the word cisco at the end.

After I use your command :
EnableSecret -password $1$Wx4W$YXHLyWM.LhIt7V5J6neJ3/ -dictionnary 1 -file_name_dico 123.txt -view 1

And the exe found the good password.

Peraphs a bug, but not at home.

Peraphs a problem with your dictionnary (caracters, enter, ...)

regards,
_________________
_SebF
Sébastien FONTAINE

Jerry · Invité

hi,
thanks for testing.
i had generated a new dictionary and the problem is still there.

with try & error i think i ve found the limitation.

My dictionary includes words with large entrys >50 characters
with more than 40 chars (+=41) the program crashed with an windows error.
this problem was solved before i wrote this topic. Use less than 40 character.

with more than 18 characters (+=19) the calculated key is right but the verification of the given and the calculated key does not work.
If there is an enty with more than 18 chars all following passwords will be ignored.

with less or equal 18 Chars the verification worked well.
i think thats the limitation.

I split my dictionary, first dictionary to the maximum of 18 characters per line and it worked well.
Longer passwords hardly occur. Wink

Best regards
Jerry

_sebf · Site Admin Inscrit le: 27 Oct 2006 Messages: 33

Hi Jerry,

I tested the same command with my computer.

When I place a word with 319 characters, I obtain no error.
When I place a word with 320 characters, I obtain an windows error.

I don't have the same limit as you. (for the fun, 40*8=320:)

Else, when i place a long word in the disco, the password Cisco isn't found. Then I think is a problem with the memory and the declaration of my variables. I look that.

Thanks for your comment.

Regards
_________________
_SebF
Sébastien FONTAINE

_sebf · Site Admin Inscrit le: 27 Oct 2006 Messages: 33

Hi Jerry,

I found the problem. It's was the variable "TAILLE_MAX_MOT", I put the value 300.

Then now, the words in the dictionnary must be lower than 300 Bytes.

The news version is 1.1.3.12 and you can download it here.

Regards.
_________________
_SebF
Sébastien FONTAINE

Jerry · Invité

thank you for fixing the limitation _sebf,

i tried the new version with my old dictionary and it worked well.
Many thanks!

Jerry

A suggestion for future version is the implementation of the Cisco PIX Enable secret decryption.

mot clé : dos function the bug vpn intrusion reseau forum post dictionary attaques securite limitation enablesecret aide authentification of with