[wplug] Re: Windows Password hacking

Richard Farina r.farina at adelphia.net
Mon Oct 11 22:10:24 EDT 2004


I have a custom version of ERD2003 and a self-made WinPE.  The point,
however, is to recover passwords, as changing them is not always a good
idea. Domain controllers, etc... plus changing the password leaves proof
and finding it can be invisible.

The idea here is not actually to build a program for my personal use,
although I'm sure I would find a use for it, the idea is to prove a
point.  A sophisticated attack against Windows authentication that yields
all passwords as fast as the file can be read.  Plus, it would be fun to
develop.

Any takers?

-Rick

At 12:58 PM 10/10/2004, you wrote:
>Richard,
>
>         There is already UNIX-based Windows hacking software that allows
>you to do one better. You boot off of the CD and you can then change any
>password to anything you want. It's called ERD Commander and it's quite
>expensive but very popular.
>
><http://www.winternals.com/products/repairandrecovery/erdcommander2002.asp?pid=erd>
>
>-Avi
>
>--On Sunday, October 10, 2004 12:00 PM -0400 wplug-request at wplug.org wrote:
>
>>Message: 1
>>Date: Sat, 9 Oct 2004 19:59:21 -0400
>>From: Bill Moran <wmoran at potentialtech.com>
>>Subject: [wplug] mp3 of VoIP presentation
>>To: wplug at wplug.org
>>Message-ID: <20041009195921.4d974378.wmoran at potentialtech.com>
>>Content-Type: text/plain; charset=US-ASCII
>>
>>
>>I made an mp3 recording of (most of) today's VoIP presentation.  It's an
>>11M file (when I say "most", I forgot to start recording until about 15
>>minutes into the presentation).
>>
>>Are people interested in this?  Would the admin be willing to host the
>>file on the wplug server if folks want copies of it?
>>
>>--
>>Bill Moran
>>Potential Technologies
>>http://www.potentialtech.com
>>
>>
>>------------------------------
>>
>>Message: 2
>>Date: Sat, 09 Oct 2004 20:13:11 -0400
>>From: Richard Farina <r.farina at adelphia.net>
>>Subject: [wplug] Windows Password hacking
>>To: General user list <wplug at wplug.org>
>>Message-ID: <6.1.2.0.0.20041009200828.01e22ec0 at mail.adelphia.net>
>>Content-Type: text/plain; charset="us-ascii"; format=flowed
>>
>>I know, I know, a horrible topic for a Linux mailing list, but I need
>>some help.
>>
>>I have this idea, seems brilliant to me, to make the single best Windows
>>(yes and the math can be used for other passwords as well) cracker.
>>First I need to do a little research and I'm wondering how many possible
>>combinations of characters do you get with a 32 digit hexadecimal hash?
>>
>>Second, generate all possible hashes.
>>
>>Run some cracker over the possible hashes and generate a file that has
>>the solution to every possible hash.
>>Write simple lookup routine to solve all passwords instantly.
>>
>>I have the spare cpu cycles to do this, but not the programming background.
>>
>>This is a variant of the time vs cpu trade off routine implemented in
>>"Rainbow Crack".
>>
>>This would be an indispensable tool for recovering passwords and for some
>>reason, no one has implemented it.
>>Full credit to the programmer who helps me.  Thanks.
>>
>>-Rick Farina
>>
>>
>>
>>
>>------------------------------
>>
>>Message: 3
>>Date: Sun, 10 Oct 2004 10:29:18 -0400
>>From: Hagbard Celine <>
>>Subject: Re: [wplug] Windows Password hacking
>>To: General user list <wplug at wplug.org>
>>Message-ID: <20041010142918.GA543 at fnord>
>>Content-Type: text/plain; charset=us-ascii
>>
>>On Sat, Oct 09, 2004 at 08:13:11PM -0400, Richard Farina wrote:
>>>I know, I know, a horrible topic for a Linux mailing list, but I need
>>>some help.
>>Hamlet (I,iv,90)
>>
>>Hagbard
>>
>>
>>
>>------------------------------
>>
>>Message: 4
>>Date: Sun, 10 Oct 2004 11:01:00 -0400
>>From: "Teodorski, Chris" <cteodorski at mahoningcountyoh.gov>
>>Subject: RE: [wplug] mp3 of VoIP presentation
>>To: "General user list" <wplug at wplug.org>
>>Message-ID: <EBF2F77CA36B5640AFB4E31F2EBA78ED7EB9 at sdprmail01.mahoningcountyoh.gov>
>>Content-Type: text/plain; charset="iso-8859-1"
>>
>>I personally would love to have a copy.  I was unable to attend but it is
>>a topic I am very interested in.
>>
>>End of wplug Digest, Vol 8, Issue 10
>>************************************
>
>_______________________________________________
>wplug mailing list
>wplug at wplug.org
>http://www.wplug.org/mailman/listinfo/wplug



