[TOOL] OPHCRACK with Windows and Linux GUI

• Previous message: SecuriTeam: "[UNIX] Mafia Blog Privilege Escalation Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: list@securiteam.com
Date: 19 Apr 2005 11:28:24 +0200

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html

- - - - - - - - -

  OPHCRACK with Windows and Linux GUI
------------------------------------------------------------------------

SUMMARY

DETAILS

Ophcrack version 2.0 is a windows password cracker based on the faster
time-memory trade-off using rainbow tables.

Main Features:
 * Runs with GUI under Windows and Linux
 * Dumps hashes from local and remote hashes, provided you are
administrator
 * Dumps hashes from encrypted SAM and config, provided you boot on a CD
to retrieve the files (no administrator needed)
 * Cracks 99.9% of alphanumerical passwords of length 1 to 14
 * Comes with two rainbow table sets, one for less than 500MB RAM one for
more.

The interface allows for three ways of dumping password hashes:
 * encrypted SAM: dumps the hashes from the SAM and SYSTEM files retrieved
from a Windows machine while booting on another disk. Note that in this
case you do not need to known a windows administrator password to get the
hashes.

 * local SAM (only for the windows version of ophcrack 2.0): dumps the
hashes from the Windows machine the program is running on . You need to be
administrator of your local machine for this to work.

 * remote SAM (only for the windows version of ophcrack 2.0): dumps the
hashes of a remote Windows machine, provided you know the username and
password of an administrator and the name of share.

Alternatively, you can also crack hashes that you have save from a
previous session or obtained with another tool.

ADDITIONAL INFORMATION

The information has been provided by
<mailto:philippe.oechslin@objectif-securite.nospam.ch> Philippe Oechslin.
To keep updated with the tool visit the project's homepage at:
<http://ophcrack.sourceforge.net/> http://ophcrack.sourceforge.net/

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

• Previous message: SecuriTeam: "[UNIX] Mafia Blog Privilege Escalation Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]