Results 1 to 2 of 2

Thread: dealing with v3 certs and CAs

  1. #1
    Junior Member
    Join Date
    Feb 2010
    Posts
    31

    Default dealing with v3 certs and CAs

    Scenario:
    • Juicy Secrets in a database (SQL2000)
    • patches are up to date
    • password is long (32 characters)
    • ssl is enforced on the connection (v3) via root CA on domain controller.


    Can't haschcat (password too long)
    Can't sniff the user/pass off the wire (encrypted) and ettercap doesn't support v3

    I could rdesktop in to the Machine and look at the certificate installed via the certificate snapin. Would this information be enough to generate a cert for ssldump to decode the stream?

    However I can get to the CA root (Win 2k3 C:\Windows\system32\certlog)
    Does backtrack have a tool to pull the certs directly from the edb file? (using esentutl.exe isn't helpful)

    Or am I going about this in the wrong way and there is a more elegant approach?

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: dealing with v3 certs and CAs

    Closed. This has nothing to do with Backtrack Linux.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

Similar Threads

  1. Replies: 5
    Last Post: 09-10-2010, 10:42 AM
  2. Which security certs are worth having?
    By daffyduc in forum OLD General IT Discussion
    Replies: 1
    Last Post: 03-13-2010, 09:52 AM
  3. Ettercap and SSL certs
    By cian1500ww in forum OLD Newbie Area
    Replies: 3
    Last Post: 07-10-2009, 05:49 PM
  4. Secuirty Certs
    By dlink in forum OLD Newbie Area
    Replies: 13
    Last Post: 02-29-2008, 02:33 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •