On Fri, Jul 15, 2011 at 8:03 PM, Mark Phillips <mark@phillipsmarketing.biz> wrote:


On Fri, Jul 15, 2011 at 7:27 PM, Lisa Kachold <lisakachold@obnosis.com> wrote:
Mark,

On Thu, Jul 14, 2011 at 6:56 PM, Mark Phillips <mark@phillipsmarketing.biz> wrote:

Lisa,

John the Ripper has been running for almost 2 days trying to crack the password....still no success.


I think it's hung. 
Nope. The log file keeps spitting out what it is testing. I stopped it today and moved the process to another machine. You can see the results as reported in the log file at http://pastebin.com/pBZHfAS2 when I stopped the program. The other machine is slower (about 1.85 times slower, so it will take until Monday for it to catch up....the original machine was an x64, and the new machine is an i386, so I couldn't resume on the new machine). I will let you know if it finds the password after a week or two....;-)
 
What options did you pass it?
None. Except that I used another program that came with john to join the passwd and shadow files into one file. John needed that. I can send you the passwd file if you are interested.

Did you feed it a dictionary file?
Just the one that came with john...

It probably has a different encryption format than the Linux john is on.

What ports are open on the thing?  SSH?  You can try ettercap with arp spoof MITM?
SSH seems to be open since it asks for a password. rsync and telnet are all that I know. There is a Java "hack" program acp_commander.jar that will connect with telnet, but I do not get any response from the device, although it says it is connected. acp-commander.jar used to be the way in, but since firmware version 1.41, it has not worked. http://downloads.buffalo.nas-central.org/TOOLS/ALL_LS_KB_ARM9/ACP_COMMANDER/, http://buffalo.nas-central.org/index.php/Open_Stock_Firmware and my particular box.

I have downloaded the firmware for the box and modified it to accept ssh login without a password (using ssh keys). I just have not been able to reflash the unit. The web interface only flashes what it downloads from buffalo.com. The Windows program the box came with does not have a way to flash the unit. Embedded in the firmware download is a Windows exe which is supposed to be a program to flash the unit....just haven't had the intestinal fortitude to try it out...I need to find the "way back" in case I brick the device, and I haven't had time to research that.

Thanks for your interest!  

P.S. You have no idea how hard it is to not type "dear john" every time I refer to the program "john the ripper".....;-)  anyway, back to TGIF time....;-)

Mark

:)

Mark

On Jul 14, 2011 4:28 PM, "Lisa Kachold" <lisakachold@obnosis.com> wrote:
> If you don't have the ability to boot something like a DVD/CD or USB key,
> try john the ripper?
>
> Save the encrypted string to a test file and run it through john the ripper
> running on your system:
>
> Ubuntu:
>
> # apt-get install john
>
> Centos/RH/Fedora:
>
> # yum install john
>
> Example use:
>
> # john -single crackme.txt
>
> References:
>
> http://www.openwall.com/john/doc/
>
> http://www.google.com/url?sa=t&source=video&cd=1&ved=0CDIQtwIwAA&url=http%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3D3YyscD_tADk&rct=j&q=john%20the%20ripper&tbm=vid&ei=t3ofTsXRNqTv0gHB2bmYAw&usg=AFQjCNE8vdlkxhwQ15zCuBePI9Y9qk3mAQ&cad=rja
>
> http://www.osix.net/modules/article/?id=455
>
>
> On Thu, Jul 14, 2011 at 11:19 AM, Sam Kreimeyer <skreimey@gmail.com> wrote:
>
>> Hello Mark,
>>
>> Have you tried using Kon-Boot? It's a bootable image that edits the kernel
>> to bypass the password prompt.
>>
>>
> --
> (602) 791-8002 Android
> (623) 239-3392 Skype
> (623) 688-3392 Google Voice


Since this is a Buffalo drive, I might try an ettercap SSH downgrade attack:

http://openmaniak.com/ettercap_filter.php
http://sites.google.com/site/clickdeathsquad/Home/cds-ssh-mitmdowngrade

Or Hydra:

Hydra Instructions:

http://www.youtube.com/watch?v=7CP-JB4QARo

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss



--
(602) 791-8002  Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice


HomeSmartInternational.com