upvote

points

by cvoss150 days ago |
comments
upvoteby ospray149 days ago|
next
[-]
As a pentester kerberosting used to reveal a service password on about 50% of networks on the 2010s when admins were making the passwords. Today our advice to clients on kerberosting is the same as it was back then, use a password manager to generate a 21 character password for all service accounts and disabled RC4 where possible. 52^21 is quite a large key space and even at 10^10 guesses per second over a year your chances are less than 1 in a billion of a successful crack.
reply
upvoteby Graphon1149 days ago|
parent|
next
[-]
> disabled RC4 where possible

I'm curious. Under what circumstances would it be _not_ possible to disable RC4?

Is this in case there is a Windows 98 machine running somewhere in the network?

reply
upvoteby mgiampapa149 days ago|
parent|
[-]
In my experience it's always been legacy hardware or industrial automation where it would cost millions to update the equipment / software. Simply limiting the blast radius of those systems and isolating them on the network into their own security zone is always less expensive and thus the perfectly reasonable solution.
reply
upvoteby hinkley149 days ago|
parent|
prev|
[-]
Cheap Cloud storage has never returned rainbow tables to viability, right? I stopped checking sometime after I got out of the space.
reply
upvoteby slt2021149 days ago|
parent|
[-]
salting defeats the rainbow table, kerberos uses PBKDF2 that defeats the rainbows
reply
upvoteby MattPalmer1086149 days ago|
prev|
[-]
Good point, it's computing not cracking.

I will make a slight subtle distinction though. Cracking a hash doesn't mean determining what the input must have been. It means finding an input that resolves to the same hash - not necessarily the original input.

reply
upvoteby zelphirkalt149 days ago|
parent|
[-]
Not sure why this is downvoted, as hash collisions can happen, even if unlikely.
reply
upvoteby MattPalmer1086149 days ago|
parent|
next
[-]
Due to the pigeonhole principle they are inevitable. At least if the input space is bigger than the output, which may not be the case for passwords of course.

Still, even if they are shorter, if you do find a hash pre-image you don't actually know for absolute certain that what you found was the original input. Collisions are still possible.

In practical terms this doesn't really matter mostly. It's just good to be very clear about what you actually know when dealing with cryptography.

reply
upvoteby privatelypublic149 days ago|
parent|
prev|
[-]
Given that a collision is technically what they're looking for.

They're just limiting the input to a "reasonable" range to find one faster.

Side note: A quick look through the iOS keyboard shows another 25+ characters that can be reasonably expected to match between operating systems. I need to try using some of them in my passwords. Going from 70^(length) to 100^(Length) is nothing to scoff at.

reply