Posted over at UNEASYsilence:
If exploiting security prevention measures is your thing, check out
this databse of downloadable password cracking software. Brute force,
dictionary attacks, ect. All sorts of goodies. Don’t forget the read on
acquiring ‘lost’ Microsoft passwords.
Many of those crackers are over
10 years old and not written with today's processors in mind. With most
crack attempts, your processing speed is your bottleneck. If you run a
DOS based cracker in a DOS windows on XP, you are slowing the crack up to
60%. Your best bet it to try to find a backdoor to the password, using
“Password Recovery” software, like Passware, that is not a brute force or
dictionary attacks. If you do have to go for a brute force or dictionary
attack, find a fast processor, and use John
the Ripper. Cain and Abel
also has an excellent cracker in it.
Speaking of Cain and Abel, version 2.69 was recently released. This is
one of the best security toys I have in my arsenal. Download it and you
will not be disappointed. Here are the release notes for version 2.69:
– A new type of Rainbow
Tables has been added to Winrtgen v1.3. “FastLM” tables can be used
against LM Hashes and provide both faster generation and cryptanalysis.
FastLM tables are not compatible with standard tables for LM Hashes
generated by RainbowCrack, renaming the filenames is useless.
– LM Hashes Cryptanalysis via FastLM Sorted Rainbow Tables.
– Benchmark added to Cain's cryptanalysis dialog.
– Fixed two bugs in Kerberos5 and SNMP sniffer filters (thanks for the bug reports).
– MSCACHE Hashes Dumper
– MSCACHE Hashes Dictionary and Brute-Force Crackers
– Sniffer filter for SIP-MD5 authentications
– SIP-MD5 Hashes Dictionary and Brute-Force Crackers
– Off-line capture file processing compatible with winpcap, tcpdump, ethereal format.