PoyBoy Posted September 6, 2006 Share Posted September 6, 2006 I have a question for you guys: What is the most effective way in your mind to take out a kerberos server? Doesnt matter what version or anything, im just wondering what are the merits of "disabling" certain parts. I was thinking that if there is a network time server, to make it go wonky and give out random times. Any ideas? (google's your friend people, dont bother posting. I just want an opinion.) Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted September 7, 2006 Share Posted September 7, 2006 catnip, or maybe some yarn. Quote Link to comment Share on other sites More sharing options...
Garda Posted September 7, 2006 Share Posted September 7, 2006 catnip, or maybe some yarn. hahahahahahahahahaha!!!!!!!!!!! Quote Link to comment Share on other sites More sharing options...
PoyBoy Posted September 7, 2006 Author Share Posted September 7, 2006 lol, forgot about kerby Quote Link to comment Share on other sites More sharing options...
1337n00b Posted September 7, 2006 Share Posted September 7, 2006 catnip, or maybe some yarn. roflmfao, dude that was fucking great. :D Quote Link to comment Share on other sites More sharing options...
PoyBoy Posted September 7, 2006 Author Share Posted September 7, 2006 allright. Serious posts only now please. Im looking for actual answers Quote Link to comment Share on other sites More sharing options...
Jester Posted September 7, 2006 Share Posted September 7, 2006 ROTFLMAO What a cute little server :) 8) Quote Link to comment Share on other sites More sharing options...
PoyBoy Posted September 7, 2006 Author Share Posted September 7, 2006 Dyslexic hobos on acid in a tantrum cause terrible trouble. They also pwn noobs Todays random message brought to you on behalf of Bunary Ninja Quote Link to comment Share on other sites More sharing options...
spektormax Posted September 7, 2006 Share Posted September 7, 2006 This weeks episode of WTF is brought to you by hak5.org,unpluggedpodcast.com, and Kurby the cutest little server on the internet. BUt seriously you can do a buffer overflow just replace the beer with catnip Quote Link to comment Share on other sites More sharing options...
cooper Posted September 7, 2006 Share Posted September 7, 2006 Well, the thing to remember is that Kerberos is an authentication mechanism. Like the lock on your door, it is designed to take a lot of abuse and it is (or should be) designed to fail gracefully should something not behave as expected. So unless you want to get your hands dirty and audit some source code that a lot of smart people already looked over (which has its merits, but makes no guarantees) hoping to find a scenario under which you can make it do something wrong. My guess is the best you can achieve without a lot of research is a DOS on the system it authenticates for. Problem with that is that it's decidedly lame, and can and will be traced back to you in a relatively short amount of time aswell. So, I'd say either get your hands dirty with the code, or don't bother. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.