Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

[NSE] domino-enum-passwords.nse patch

From: Martin Holst Swende <martin () swende se>
Date: Fri, 10 Dec 2010 11:02:45 +0100
Hi list,
I used Patrik's great domino-script to retrieve the password hashes from
a domino system. However, there was one glitch : lotus notes have two
hash variants : one legacy unsalted 32-bytes format, and one newer
20-bytes salted version. When I tried to throw the list into John, john
only detected the newer version. I modified the script to output two
lists, one for each found hashtype. In the output, it also informs about
the John-format to use for cracking the hashes.

Also, I think the script should be renamed to http-domino-enum-passwords
to align with other scripts. It is easy to miss that this script exists
(unless you have Patrik in the same room so he can tell you about it ;)
), since it is not http-* and not default.

Attaching the script and the diff.
Regards,
Martin

Attachment: diff.txt
Description:

Attachment: domino-enum-passwords.nse
Description: 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: