Windows password cracker tool - Ophcrack

Tweet

What is ophcrack?

Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.

Features:

• Runs on Windows, Linux/Unix, Mac OS X, ...
• Cracks LM and NTLM hashes.
• Free tables available for Windows XP and Vista.
• Brute-force module for simple passwords.
• Audit mode and CSV export.
• Real-time graphs to analyze the passwords.
• LiveCD available to simplify the cracking.
• Loads hashes from encrypted SAM recovered from a Windows partition, Vista included.
• Free and open source software (GPL).

Read More

Make Folders Invisible

Tweet

Hiding folders is an easy to do task inMicrosoft Windows XP. This is a great way to keep all your personal files un-findable.
To do this, create a new folder some where. Then ‘Right Click’ and select

Rename

Now press and hold down the ‘Alt’ key and type in

0160

This will get rid of the text. Now ‘Right Click’ on the folder, and ‘click’ on

Properties

Now ‘click’ on the ‘Customize’ tab. Then click on

Change Icon

Scroll to the right until you find a few white icons. ‘Click’ on one of them, and then click on ‘Apply’ and then ‘Ok.’
You have just made a folder invisible and can hide all your personal files in it. Don’t you just love Windows XP?

Read More

Brute force Password Cracking explained

Tweet

Brute force is the best hacking method to an email account  as chances of getting password is very high.The methods is very simple . But this method is cumbersome. Still most hacking software use this method due to high success rate .

This is how you do it. All that you need is the username and findout what is the max password length the software/site allows and also the minimum. say the minimum is 6 and max is 8. You have to start trying out all the combination.First all the six letter combos then seven then 8

aaaaaa

aaaaab

aaaaac

aaaaab

.

.

abaaaa

.

.

azzzzz

baaaaa

.

..

zzzzzz

Now once you do for 6 repeat the same for 7 and then for 8 . You will surely crack it.But the no of combos you need to try is very high.So in most cases you cannot use it but designed software do the job in few minutes. Check crack passwords section for such software's to crack your software/site. This is best used to recover passwords of mobile phone . If use them for hacking,you guys just remember to use strong passwords both upper,lower case and number too to make a strong password usually not below that 9 letter and minizme the chances of getting your account hacked

Here are the two most popular and well known Brute forcers
1.Brutus aet2                 2.Munga Brute force

Read More

Cracking FTP Passwords Using Dictionary Attacks

Tweet

What is a Dictionary Attack ?

In layman language, Dictionary attack means using a tool that picks passwords from a wordlist and tries them one by one until one works

How to make a wordlist ?

A wordlist can consist of all possible combinations of letter,numbers,special characters. It can have some common or default passwords. You can download the wordlist generators or google the wordlists for bruteforcing and configure them according to yourself.

How fruitful attack can be ?

If we are try all possible combinations of letter,numbers,special characters, theoretically chances of success are 100%. But practically it is not possible to try every combination because it can take a lot of time. This attack just depends on the time you give,processing power and ofcourse your luck.

Tool I will be using ?
  

• THC Hydra

Step 1 

Download THC Hydra from here

Step 2

(a) Make a usename wordlist consisting of some common usernames like this

(b) Get a wordlist of passwords
(c) Copy both wordlists to your hydra folder

Step 3

(a)Open the command prompt and change directory to your hydra folder using cd command.

(b) Type "hydra" without quotes and it will show you the options to use.

(c) Now to start attak,

Type "hydra -L userslist.txt -P passlist.txt xxx.xxx.xxx.xxx ftp" and press enter

where userslist.txt is the list of usernames, passlist.txt is the list of passwords and xxx.xxx.xxx.xxx is the IP address of target, Now it will start cracking

To use a single username instead of wordlist , Replace capital L with small l , like this

Type "hydra -l username -P passlist.txt xxx.xxx.xxx.xxx ftp"

Note : Ftp port must be open.

Warning: I highly recommend you to use a chain of proxies to spoof your identity because proper logs of user's IP addresses who try to connect to ftp server is made on the server. Here is an example of the same.

Countermeasures to protect yourself from this attack:

1. Use strong passwords
2. Enable Autoban of IPs or anyother option like this.

About The Author
This is a guest post written by Aneesh M Makker. Aneesh M.Makker is an Ethical hacker from Malout, a town in Punjab.Click here to visit his Facebook Profile

Read More

Free Hacking Tools essential For every Hacker

Tweet

A Hacking tool is a program which helps you in Hacking making it easier for you,Gone are those days when you have to do every thing manually,now a days Hacking tools have made work easier for you,Below i am posting some of Hacking tools essential for every Hacker out there to make the work alot easier,these tools are also actually a Kind of Security tools but it on you how you use them.

Free Essential Hacking tools For every Hacker

• IP Tools :

IP-Tools offers many TCP/IP utilities in one program. This award-winning Free Hacking tool can work under Windows 98/ME, Windows NT 4.0, Windows 2000/XP/2003, Windows Vista and is indispensable for anyone who uses the Internet or Intranet.
It includes the following utilities 

• Local Info – examines the local host and shows info about processor, memory, Winsock data, etc. 
• Name Scanner – scans all hostnames within a range of IP addresses
• Port Scanner – scans network(s) for active TCP based services 
• Ping Scanner – pings a remote hosts over the network 
• Telnet – telnet client 
• HTTP – HTTP client 
• IP-Monitor – shows network traffic in real time & many more 
• IP TOOLS has almost all the utilities built into it.So there is no need to use seperate tools for every indivisual process of hacking such as Port scanning,Whois scanning,IP monitor etc.It’s like a hacking tool kit which has all the necessary tools for hacking.

• Cain and Able :

Cain and Abel (sometimes called simply "Cain") is a Windows password recovery tool. It can recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks. Cryptanalysis attacks are done via rainbow tables which can be generated with the winrtgen.exe program provided with Cain and Abel. Cain and Abel is maintained by Massimiliano Montoro.I have made a tutorial on Hack a Computer with Cain and able.

• Brutus ( Password Cracker):

Brutus is a remote online password cracker for windows, good for HTTP,POP3,FTP,SMB,Telnet and lots others.. it's also free. It is available for Windows 9x, NT and 2000, there is no UN*X version available although it is a possibility at some point in the future. Brutus was first made publicly available in October 1998 and since that time there have been at least 70,000 downloads and over 175,000 visitors to this page. Development continues so new releases will be available in the near future. Brutus was written originally to help me check routers etc. for default and common passwords.

• Rainbow Crack :

A very nice Hacking tools.Its general propose implementation of Philippe Oechslin's faster time-memory trade-off technique. It cracks hashes with rainbow tables,Some of its features are :

1. Full time-memory tradeoff tool suites, including rainbow table generation, sort, conversion and lookup
2. Support rainbow table of any hash algorithm
3. Support rainbow table of any charset
4. Support rainbow table in raw file format (.rt) and compact file format (.rtc)
5. Computation on multi-core processor support
6. Computation on GPU (via NVIDIA CUDA technology) support
7. Computation on multi-GPU (via NVIDIA CUDA technology) support
8. Runs on Windows XP 32-bit, Windows Vista 32-bit and Windows 7 32-bit
9. Command line and graphics user interface

• LC5 (LophtCrack) :

Windows password auditing and recovery application L0phtCrack or LC5 attempts to crack Windows passwords from hashes which it can obtain (given proper access) from stand-alone Windows workstations, networked servers, primary domain controllers, or Active Directory. In some cases it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, etc). LC5 was discontinued by Symantec in 2006, then re-acquired by the original L0pht guys and reborn as LC6 in 2009.

• John the Ripper :

A powerful, flexible, and fast multi-platform password hash cracker John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types which are most commonly found on various Unix flavors, as well as Kerberos AFS and Windows NT/2000/XP LM hashes. Several other hash types are added with contributed patches. You will want to start with some wordlists, which you can find HERE


Hope you liked the collection of Hacking tools i will be adding more soon.

Read More