Penetration Testing: Re: Craking Serv-u passwords stored in .ini file.

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Penetration Testing mailing list archives

Re: Craking Serv-u passwords stored in .ini file.

From: Hans Porter <infosecprofessional () gmail com>
Date: Thu, 2 Sep 2004 16:44:23 -0400

Actually, the http://passcracking.com site will crack MD5 hashes using
rainbow tables, but they are non-salted, as salted MD5 is too
difficult for precomputation attacks (for now).  The Sarca project
(sarcaprj.wayreth.eu.org) does LanMan and NT via rainbow tables.

   --- Hans

On 1 Sep 2004 19:10:41 -0000, "Jérôme" ATHIAS
<jerome.athias () caramail com> wrote:

In-Reply-To: <1FFD627BFDAEE0468AA006E0AD632470E47878 () uncl-mail caa army mil>

i believe that is an md5 hash.  there is a free service for cracking md5 =

hashes that uses tables at http://passcracking.com

peas audi

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


I believe this url will only crack LM hashes of Windows passwords up to 14 characters using Rainbow Tables...

I think it's quite different from MD5...

PS: you maybe could look at http://wired.s6n.com/files/jathias/



------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------


------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------

By Date By Thread

Current thread:

RE: Craking Serv-u passwords stored in .ini file., (continued)
- RE: Craking Serv-u passwords stored in .ini file. Smith III, Edward Mr. CAA/ISC (Sep 01)
  - RE: Craking Serv-u passwords stored in .ini file. Jose Maria Lopez (Sep 01)
- RE: Craking Serv-u passwords stored in .ini file. Ferruh Mavituna (Sep 01)
- RE: Craking Serv-u passwords stored in .ini file. M. D. (Sep 02)
- Re: Craking Serv-u passwords stored in .ini file. J�r�me (Sep 02)
  - Re: Craking Serv-u passwords stored in .ini file. Hans Porter (Sep 02)
    - Re: Craking Serv-u passwords stored in .ini file. Marius Huse Jacobsen (Sep 09)
- RE: Craking Serv-u passwords stored in .ini file. Scovetta, Michael V (Sep 02)
  - RE: Craking Serv-u passwords stored in .ini file. Ferruh Mavituna (Sep 02)
- RE: Craking Serv-u passwords stored in .ini file. Altheide, Cory B. (IARC) (Sep 02)
  - RE: Craking Serv-u passwords stored in .ini file. Ferruh Mavituna (Sep 02)