03-03-2006, 11:16 AM
xatar

This quote was taken from http://www.faqs.org/faqs/kerberos-fa...ection-25.html

Quote:
In Kerberos 4, a salt was never used. The password was the only input to the one-way hash function. This has a serious disadvantage; if a user happens to use the same password in two Kerberos realms, a key compromise in one realm would result in a key compromise in the other realm.

In Kerberos 5 the complete principal name (including the realm) is used as the salt. This means that the same password will not result in the same encryption key in different realms or with two different principals in the same realm.

So...

In theory...

Yes! You could create a rainbow table based upon the salt value of the username@domain.com, but I don't know how to rewrite the rtgen code to do that!

You are right, there would be no advantage over brute force or wordlist attacks. Well, it would be faster to crack the password, but you would have to spend a week creating the tables first!!

But I like the way you think, that's the best skill a "hacker"/"penetration tester" can have!

l8r,
xatar.
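The effect of the per-principal salt described in the quoted FAQ, as an added example that is not part of the original post or of any Kerberos implementation: it groups accounts whose long-term keys would be identical, so a single key compromise exposes the whole group. Assumptions: the account list is constructed, the unsalted derivation is a SHA-256 stand-in for a Kerberos 4 style password-only hash, and the salted derivation is only the PBKDF2-HMAC-SHA1 stage of the Kerberos 5 AES string-to-key (the final key-folding step is omitted).

```python
import hashlib
from collections import defaultdict

ITERATIONS = 4096  # default PBKDF2 iteration count for Kerberos 5 AES keys


def default_salt(principal: str) -> bytes:
    """Kerberos 5 default salt: the realm followed by the name components, no separators."""
    name, realm = principal.rsplit("@", 1)
    return (realm + "".join(name.split("/"))).encode()


def unsalted_key(password: str, principal: str) -> bytes:
    """Stand-in for a password-only derivation: the principal is ignored entirely."""
    return hashlib.sha256(password.encode()).digest()[:16]


def salted_key(password: str, principal: str) -> bytes:
    """PBKDF2 stage of the AES string-to-key, salted with realm + principal name."""
    return hashlib.pbkdf2_hmac(
        "sha1", password.encode(), default_salt(principal), ITERATIONS, 16
    )


def exposure_groups(accounts, derive):
    """Return groups of principals that share one key under the given derivation.

    Every principal in a group is compromised when any one key in it leaks.
    """
    groups = defaultdict(list)
    for principal, password in accounts.items():
        groups[derive(password, principal)].append(principal)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


# Constructed sample accounts: three principals reuse one password.
ACCOUNTS = {
    "alice@EXAMPLE.COM": "correct horse",
    "alice@LAB.EXAMPLE.COM": "correct horse",
    "bob@EXAMPLE.COM": "correct horse",
    "carol/admin@EXAMPLE.COM": "something else",
}

if __name__ == "__main__":
    print("unsalted:", exposure_groups(ACCOUNTS, unsalted_key))
    print("salted:  ", exposure_groups(ACCOUNTS, salted_key))
```

Because the salt differs for every principal, any precomputed table is only valid for the one principal it was built for, which is the cost the post refers to.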