[TOOL] Domino Hash Breaker

• Previous message: support@securiteam.com: "[NT] SQL Server Remote Data Source Function Buffer Overflows"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: support@securiteam.com
To: list@securiteam.com
Date: Fri, 22 Feb 2002 22:44:44 +0100 (CET)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -

  Domino Hash Breaker
------------------------------------------------------------------------

DETAILS

Domino is a software solution from Lotus providing access to bases Notes
(nsf) via a web interface. According to the sensitivity of these data,
access can be restricted with a web authentication of login/password.

The password of these users is stored in the 'names.nsf' file in an
encrypted form (hash). This hash is the result of an algorithm created by
Lotus Domino (based on the RC4 algorithm).

Domino Hash Breaker is a tool that tries to find the clear text form of
the password by utilizing a dictionary attack. The goal is to make it
possible for an administrator to check the robustness of the passwords of
its users.

ADDITIONAL INFORMATION

The tool can be downloaded from:
 <http://www.securiteinfo.com/outils/DominoHashBreaker.shtml>
http://www.securiteinfo.com/outils/DominoHashBreaker.shtml

The information has been provided by <mailto:valgasu@securiteinfo.com>
Valgasu.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

• Previous message: support@securiteam.com: "[NT] SQL Server Remote Data Source Function Buffer Overflows"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages [TOOL] SMBProxy ... SMBProxy is a "Passing the Hash" tool that works as a proxy. ... The tool intercepts communication with Windows NT 4.0 and Windows 2000. ... The information in this bulletin is provided "AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ... (Securiteam) [TOOL] High-speed Brute-force Password Cracker for MySQL ... The MySQL password hash function could be strengthened considerably ... int i, len; ... The information in this bulletin is provided "AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ... (Securiteam) [TOOL] QCrack - Message Diggest Brute Force Tool ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... known hash, or calculate the hash of a given string. ... The information in this bulletin is provided "AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ... (Securiteam)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint