|
(Page 1 of 10) 1 2 3 4 5 6 Next > Category: Auditing » Passwords lm2ntcrack Added 2008-10-17 This tool provides a simple way to crack Microsoft Windows NT Hash (MD4) when the LM Password is known. It is entirely written in perl, so its easily ported and installed. This program must be used with the password cracker "John the Ripper" http://www.openwall.com/john/ * Example : [yann@xmcopartners:~/lm2ntcrack]$ time perl lm2ntcrack.pl -v -l="AZERTY123$" -n="81CD1A1C4CBCE05C0F8D411ACEC7587F" ############################################################################ # NT Password cracker from LM password # Version : 0.5a - Oct 2008 # By Yannick HAMON Sipflanker Added 2008-08-02 Many (if not most) VoIP devices have available a Web GUI for their configuration, management, and report generation. These Web GUIs are often on default, meaning that the moment you install the IP phone or IP PBX, the Web GUI is immediately available on the network. And unfortunately it is also common for the username and password to have the default values. Sipflanker will help you find these SIP devices with potentially vulnerable Web GUIs in your network. What the application does is search the range of IPs you specify, and checks if port 5060 is available. Whether open or close, port 5060 indicates the presence of a SIP device. Then it checks if port 80 (http) is open. The combination of an open port 80, together with port 5060, either open or closed, signals a SIP device with a Web GUI. Windows Live Password Recovery Added 2007-05-05 Windows Live Password Recovery is the tool that will instantly find, decrypt & recover Windows Live passwords that were saved by Windows Live Messenger on your PC under the current login. This decoder will recover multiple accounts and supports all known versions of Windows Live Messenger including Messenger Beta, MSN Messenger and Windows Messenger. This cracker works when the "Remember My Password" checkbox is ticked in Windows Live Messenger. Even is you have un-installed Windows Live Messenger there is still a chance that your password is saved on your PC. ZippyLock Added 2007-03-29 ZippyLock is a free and extremely easy to use password management utility. Your password entries are kept in a 'private file' and nowhere else. ZippyLock uses Windows clipboard to transfer your data into forms (see the Demo at web site). When you run ZippyLock for the first time, it prompts you to create a new private file, and asks you to specify a MASTER PASSWORD. Later you will be prompted to save your private file. The private file will be stored on your hard-disk (or a USB Disk). The private file will be Triple-DES encrypted using a unique hash number generated from your MASTER PASSWORD. The hash number too will be encrypted by itself and stored in the same private file along with your encrypted passwords. Note that your MASTER PASSWORD is not stored anywhere. Your encrypted passwords are not stored anywhere other than the private file. No other auxiliary or reference information is kept in hidden places like registry, WINDOWS directory etc. Everything is stored in your private file that you control and nowhere else. In general TDES with three different keys (3TDES) has a key length of 168 bits: three 56-bit DES keys (with parity bits 3TDES has the total storage length of 192 bits), but due to the meet-in-the-middle attack the effective security it provides is only 112 bits. As of 2005, the best attack known on 3TDES requires around 232 known plaintexts, 2113 steps, 290 single DES encryptions, and 288 memory. This is not currently practical. Scuba by Imperva Added 2007-01-05 Scuba by Imperva is a free, lightweight Java tool that scans Oracle, DB2, MS-SQL, and Sybase databases for hundreds of software vulnerabilities. It also detects configuration flaws like insecure passwords, unsafe processes, unrestricted permission levels, and more. Furthermore, it generates HTML and Java reports that show overall security risk level and detailed information about each vulnerability – so you can pinpoint configuration risks within minutes. Scuba by Imperva detects hundreds of database vulnerabilities and configuration issues. And better yet – it helps you meet industry-leading best practices standards for database configuration and management. md5tables Added 2006-09-16 md5tables is a shell script that references a wordlist of md5 hashes and words for password auditing. It can crack MD5 hashes from a wordlist of hashes/words in mere seconds. MSN Password Recovery Added 2006-09-07 MSN Messenger Password Recovery is the MSN password finder that instantly cracks and decrypts the MSN Messenger and Windows Messenger passwords stored on your computer. New version adds support for latest Windows Live Messeger (version 8). MDCrack Added 2006-09-07 MDCrack is a free featureful password cracker designed to bruteforce several commonly used hash algorithms at a very aggressive speed rate. It can retrieve any password made of up to 8 characters (16 for PIX algorithms) and 55 characters when salted. In order to achieve the highest possible speed rate, this program uses several cores for each algorithm it supports. Each one of these cores provides a different level of optimization designed to best fit with a specific set of command line options. Whatever command line configuration is used, MDCrack will always arrange to use the best available core. To date, this program supports bruteforce attacks on MD2, MD4, MD5, NTLMv1 and PIX (enable and users) hashes, the list of algorithms is growing up. Multi threading allows for parallel cracking and load sharing between several CPUs and multiplies overall speed by the number of available processor(s). This yields to phenomenal performance even on old generation multi-CPUs systems. Several options offer fine tuning for the attack and allow to save and resume your session at a later time. This program has multiple uses in real life, while its primary goal is obviously to test the strength of hashed passwords, it can also be used as a raw benchmark tool for integer calculs. For any question you may have, please be sure to first read the Frequenty Ask Questions file (FAQ) provided in MDCrack ZIP file. I hope you will enjoy this program. CryptoSearch Added 2006-08-08 Castor - Novell eDirectory Password Auditor Added 2006-07-10 Castor is a security audit tool for Novell eDirectory. · Check for weak passwords (Universal or NDS) · Check for improper rights given to administrators · Backup Universal passwords Browse by category |
|
 Privacy Statement |
