> * A program to process sniffed traffic and try to break server encryption
> keys.
File data isn't encrypted. Only the authentication is encrypted.
As far as sniffing it, see the list archive for details on tcpdump patches,
and also have a look at ethereal, it has rx/afs support in it, although it
doesn't do much with the krb stuff.
> * Token-grabbing exploits, for once you've hacked root on a client
> machine.
What exploits? Just issue ktc_GetToken and ktc_SetToken with your first two
auxiliary groups set to an aux group that corresponds to a user's pag. Or if
you merely want to use the token, just set your aux groups to get into that
user's pag.
-- Nathan