Home page logo

pauldotcom logo PaulDotCom mailing list archives

Early Christmas present: WhiteChapel-NG released
From: Rob Fuller <jd.mubix () gmail com>
Date: Tue, 24 Dec 2013 14:10:02 -0500

Only requirement is Ruby on Rails and Postgres (easy to put with your
metasploit instance)


Demo site: http://whitechapel-dev-64104.use1.actionbox.io/

99.9% of the work was done by @Nullthreat

If you don't know what White-Chapel is, it's a interface that
generates password hashes based on clear text passwords and stores
them. It's a way to store all of your cracked password in a way that
is searchable in the future, but the main benefit is that it generates
a handful of hashes for each clear text. So if you run across a server
that has a SHA512 set of hashes in the database from the password
"UberL133TP () ssw0rdKingdom" you got out of Mimikatz, its fairly simple
to lookup.

You wouldn't load rockyou into this since John the Ripper or Hashcat
could rip through those lists at mach speed. This is meant to be a
repository of things you've cracked. and a central place to keep that
data among pentesters in your group or just across the years.

Rob Fuller | Mubix
Certified Checkbox Unchecker
Room362.com | Hak5.org
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
Main Web Site: http://pauldotcom.com

  By Date           By Thread  

Current thread:
  • Early Christmas present: WhiteChapel-NG released Rob Fuller (Dec 27)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]