
Ook is het aanvallen van Linux systemen verbeterd en is het mogelijk om wachtwoorden via John the Ripper te kraken. De nieuwste versie is via deze pagina te downloaden. Voor wie vanaf een bestaande installatie wil upgraden is er dit advies.
Rainbow tables are really useful when cracking password hashes, One disadvantage of these tables is their size which can get up to tens and even hundreds of gigs.
Iām assuming everyone reading already knows about Ophcrack ā the awesome time/memory trade-off password cracker.
Well here is a nifty web-based interface for it. Rainbow Tables are really useful when cracking password hashes, but one major disadvantage of these tables is their size which can be hundreds of gigs for complex tables. The author thought it would be extremely useful to have a personal web interface for your rainbow tables which you can access from anywhere on the web anywhere without having to carry the large tables with you everywhere you go. And well here we are, Wophcrack (Web)Ophcrack.
When cracking LM or NTLM hashes Ophcrack is a great tool as we discussed recently, it provides both a GUI and CLI options along with some free and paid tables. The author basically wrote a quick and dirty PHP based web frontend for Ophcrack.
Wophcrack was designed to work on Backtrack 4 R2, Although it can be install on any Linux distribution with some small adjustments, Wophcrack can also easily edited to support Rainbow Crack.
You can download Wophcrack here:
Or read more here.
Amomymous are building a new Denial of service attack tool which is said to exploit SQL vulnerabilities to support the group's future campaigns. This is called #RefRef and developed in Javascript. This was very effective in a 17 minute attack from a single machine resulting in a 42-minute outage on Pastebin yesterday. This was confirmed by the Pastebin via twitter.
This tool will e released in September. The tool uses a simple GUI to operate. As it turns out, the attack is launched client side, and will send a separate script in the connection request made to the target server. This request is actually the exploit itself, and once the server renders the code, it will continue to render it until crashing. In essence, the stronger the server, the faster it crashes.