2 3 4 5 6 Next >
Category: Recovery » Passwords
Katana: Portable Multi-Boot Security Suite
Katana v1 (Kyuzo) has just been released from www.hackfromacave.com . The Katana: Portable Multi-Boot Security Suite is designed to fulfill many of your computer security needs. The idea behind this tool is to bring together many of the best security distributions and applications to run from one USB Flash Drive. Instead of keeping track of dozens of CDs and DVDs loaded with your favorite security tools, you can keep them all conveniently in your pocket. Katana includes distributions which focus on Penetration Testing, Auditing, Password Cracking, Forensics and Honey Pots. Katana comes with over 100 portable Windows applications, such as Wireshark, HiJackThis, Unstoppable Copier, Firefox, and OllyDBG. It also includes the following distributions: - Backtrack 4 pre - the Ultimate Boot CD - Ophcrack Live - Damn Small Linux - the Ultimate Boot CD for Windows - Got Root? Slax - Organizational Systems Wireless Auditor (OSWA) Assistant - Damn Vulnerable Linux Katana is also highly customizable. You can modify Katana by adding or removing distributions and portable apps with ease. You can add functionality to distributions like the Ultimate Boot CD, Got Root? Slax and UBCD4Win. You can also load your personal scripts and documents to keep them conveniently with you on your flash drive to use in concert with the provided tools. More informations on this can be found at forum.hackfromacave.com
CUPP is a Common User Passwords Profiler. The most common form of authentication is the combination of a username and a password or passphrase. If both match values stored within a locally stored table, the user is authenticated for a connection. Password strength is a measure of the difficulty involved in guessing or breaking the password through cryptographic techniques or library-based automated testing of alternate values. A weak password might be very short or only use alphanumberic characters, making decryption simple. A weak password can also be one that is easily guessed by someone profiling the user, such as a birthday, nickname, address, name of a pet or relative, or a common word such as God, love, money or password. That is why CUPP was born, and it can be used in situations like legal penetration tests or forensic crime investigations.
Background: SNMP is the Simple Network Management Protocol. It is used by many if not most companies to manage and monitor their infrastructure. It is also often overlooked in terms of security and underestimated as an attack vector. RFC1157. Components: The program is a GUI program, written in c#, so you'll need the .NET framework (3.5) and it will only work in MS Windows (Mono and Windows GUI components are a pain to make compatible for now). It uses 2 DLL's that were written from scratch: the hacking.snmp and hacking.bruteforce.dll. The SNMP dll is not complete yet but whenever the author finds time it will be extended to support bulkget and extended ASN parsing, so enumeration will become possible as well as SET actions. You will also need to provide a dictionary for dictionary attacks. A very small one is included. Generic usage: The interface should be intuitive enough. Use the slider to increase or decrease scanning speed. This is important to get accurate results. On a LAN the slider can be set to maximum speed. Behind a Natted broadband connection, caution is advised. Devices such as ADSL modems aren't capable to deal with the large amount of packets and nat connections they generate. The program uses non-blocking udp sockets and a listener for answers, which makes it quite fast. You can also set the destination port for devices which listen on non-standard ports (not 161) and set the listening port to make sure the packets get back ok in case of firewalls. For optimal speed, turn off verbosity, errors and reverse lookups (only in case of maximum speed on a LAN). Results can be saved in XML for further processing and loaded back.
Windows Live Password Recovery
Windows Live Password Recovery is the tool that will instantly find, decrypt & recover Windows Live passwords that were saved by Windows Live Messenger on your PC under the current login. This decoder will recover multiple accounts and supports all known versions of Windows Live Messenger including Messenger Beta, MSN Messenger and Windows Messenger. This cracker works when the "Remember My Password" checkbox is ticked in Windows Live Messenger. Even is you have un-installed Windows Live Messenger there is still a chance that your password is saved on your PC.
ZippyLock is a free and extremely easy to use password management utility. Your password entries are kept in a 'private file' and nowhere else. ZippyLock uses Windows clipboard to transfer your data into forms (see the Demo at web site). When you run ZippyLock for the first time, it prompts you to create a new private file, and asks you to specify a MASTER PASSWORD. Later you will be prompted to save your private file. The private file will be stored on your hard-disk (or a USB Disk). The private file will be Triple-DES encrypted using a unique hash number generated from your MASTER PASSWORD. The hash number too will be encrypted by itself and stored in the same private file along with your encrypted passwords. Note that your MASTER PASSWORD is not stored anywhere. Your encrypted passwords are not stored anywhere other than the private file. No other auxiliary or reference information is kept in hidden places like registry, WINDOWS directory etc. Everything is stored in your private file that you control and nowhere else. In general TDES with three different keys (3TDES) has a key length of 168 bits: three 56-bit DES keys (with parity bits 3TDES has the total storage length of 192 bits), but due to the meet-in-the-middle attack the effective security it provides is only 112 bits. As of 2005, the best attack known on 3TDES requires around 232 known plaintexts, 2113 steps, 290 single DES encryptions, and 288 memory. This is not currently practical.
MSN Password Recovery
MSN Messenger Password Recovery is the MSN password finder that instantly cracks and decrypts the MSN Messenger and Windows Messenger passwords stored on your computer. New version adds support for latest Windows Live Messeger (version 8).
MDCrack is a free featureful password cracker designed to bruteforce several commonly used hash algorithms at a very aggressive speed rate. It can retrieve any password made of up to 8 characters (16 for PIX algorithms) and 55 characters when salted. In order to achieve the highest possible speed rate, this program uses several cores for each algorithm it supports. Each one of these cores provides a different level of optimization designed to best fit with a specific set of command line options. Whatever command line configuration is used, MDCrack will always arrange to use the best available core. To date, this program supports bruteforce attacks on MD2, MD4, MD5, NTLMv1 and PIX (enable and users) hashes, the list of algorithms is growing up. Multi threading allows for parallel cracking and load sharing between several CPUs and multiplies overall speed by the number of available processor(s). This yields to phenomenal performance even on old generation multi-CPUs systems. Several options offer fine tuning for the attack and allow to save and resume your session at a later time. This program has multiple uses in real life, while its primary goal is obviously to test the strength of hashed passwords, it can also be used as a raw benchmark tool for integer calculs. For any question you may have, please be sure to first read the Frequenty Ask Questions file (FAQ) provided in MDCrack ZIP file. I hope you will enjoy this program.
SQL Password is a password recovery tool for Microsoft SQL Server that can recover password for registered user accounts. The following versions of MS SQL Server are supported: 2000, 2005, 2005 Express as well as Microsoft SQL Server Desktop Engine (MSDE) 2000. Because of the nature of the security system used in MS SQL Server, you have two options when recovering lost or forgotten passwords: 1) you can try to recover the original password. MS SQL Server encrypts passwords and they cannot be easily decrypted, so SQL Password uses the following recovery methods to crack them: Brute Force Attack, Dictionary Attack and Smart Force Attack. Although there is a guarantee that the password will be recovered, it may take a long time. So, in most cases (i.e. an administrator who has forgotten his or her password) the best option is the second one: 2) you can reset the password to a known one. SQL Password performs this operation instantly by modifying the master.mdf file where SQL Server stores passwords. If you use this feature, you do not have to wait until the password is cracked, though the original password remains unknown. This change is transparent and you may continue to work with the database as usual, using the new password to log on. You can use SQL Password to recover or reset any password found in the user accounts file of MS SQL Server, including the password for the system administrator (whose username is "sa"). Like every other our password recovery tool, SQL Password is efficient, reliable and easy-to-use. We constantly update it to support the latest versions of MS SQL Server. The latest version supported at the moment is 2005. Please check our website for updates and more information. Note: if SQL Server is configured to use the standard Windows security accounts ("Windows authentication mode"), SQL Password will not be able to recover passwords.
Castor - Novell eDirectory Password Auditor
Castor is a security audit tool for Novell eDirectory. · Check for weak passwords (Universal or NDS) · Check for improper rights given to administrators · Backup Universal passwords
Browse by category