Kerberos Password Sniffing

Jacques A. Vidrine nectar at
Sun Dec 1 11:39:05 EST 2002

On Sat, Nov 30, 2002 at 08:24:55PM -0800, Russ Allbery wrote:
> Paul Vixie <vixie at> writes:
> > is there a "crack" module for kerberos?  after reading the stanford
> > paper about how kerberos tickets could be attacked offline, i've been
> > wanting to actually try this -- no sniffing is required -- against my
> > own kerberos db to look for easy to guess passwords.
> Note that the findings of that paper only apply if you use Kerberos v4 or
> don't have preauth turned on.  If you're using Kerberos v5 with preauth
> turned on for all users, you cannot launch that style of off-line attack.

If you can sniff the network, you can collect the preauthentication
data and/or the AS-REP and use that ciphertext to launch an off-line
attack quite easily.  There is also a third method of collecting such
data if you have a valid principal and password in the target realm, for
which you need not even have the capability of sniffing the network.

> I know that Jack the Ripper has code available to work against an AFS
> kaserver database, but I don't know about Kerberos v5.

It is trivial to write additional code for Jack the Ripper to crack
Kerberos 5 passwords (either from a KDC database or collected as
mentioned above) --- less than two hours work.

> We link cracklib
> along with additional fascist rules into our kadmind and basically try to
> "pre-crack" passwords whenever anyone changes them.

Good idea.

Jacques A. Vidrine <nectar at>
NTT/Verio SME          .     FreeBSD UNIX     .       Heimdal Kerberos
jvidrine at     .  nectar at  .          nectar at
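As an added illustration of the proactive ("pre-crack") check Russ describes, and not code from this thread or from any KDC's kadmind: a minimal password-quality hook that undoes the mangling a dictionary cracker would try before accepting a new password. The wordlist, leet table and rejection strings are constructed for the example; a real hook would feed cracklib's dictionary and return its verdict to kadmind.

```python
"""Proactive password-quality check modelled on the thread's approach.

Added example, not code from the mailing list or any KDC. A kadmind
password-quality hook that rejects candidates an off-line cracker with
simple mangling rules would recover, before they ever reach the KDC
database (where AS-REP or preauth ciphertext could expose them).
"""
import re

# Constructed sample wordlist; a real check uses cracklib's dictionary.
WORDLIST = {"password", "kerberos", "stanford", "secret", "summer", "letmein"}

# Substitutions a cracker's "fascist" rule set applies, reversed here.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "@": "a", "$": "s", "!": "i"})

MIN_LENGTH = 8


def normalise(candidate):
    """Base forms a cracker would try: lowercase, affix-stripped,
    de-leeted and reversed variants of the candidate."""
    lower = candidate.lower()
    # drop digits/punctuation appended or prepended ("summer2002", "!secret")
    stripped = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", lower)
    forms = set()
    for s in (lower, stripped):
        for t in (s, s.translate(LEET)):
            forms.update({t, t[::-1]})
    return forms


def check_password(candidate, principal=""):
    """Return 'APPROVED' or a rejection reason, hook style."""
    if len(candidate) < MIN_LENGTH:
        return "too short"
    if candidate.isalpha() or candidate.isdigit():
        return "single character class"
    # primary component of the principal, e.g. "nectar" of nectar@REALM
    name = principal.split("@")[0].split("/")[0].lower()
    for form in normalise(candidate):
        if form in WORDLIST:
            return "dictionary word after mangling"
        if len(name) >= 3 and name in form:
            return "derived from principal name"
    return "APPROVED"
```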
