Archive | Password Cracking


14 August 2007 | 6,443 views

Russian Elcomsoft Finds Backdoor in Quicken Passwords

Elcomsoft is quite a well known firm when it comes to password ‘recovery’, I have used their products in the past when I was in a fix and I needed a password that had been, you know…lost. They rose to fame in 2001 after cracking Adobe’s eBook format. Recently they announced a fairly serious backdoor [...]

Continue Reading


06 August 2007 | 19,164 views

Inguma – Penetration Testing Toolkit

Inguma is a penetration testing toolkit entirely written in python. The framework includes modules to discover hosts, gather information about, fuzz targets, brute force user names and passwords and, of course, exploits for many products. Inguma the word is the name of a Basque’s mythological spirit who kills people while sleeping and, also, the one [...]

Continue Reading


23 July 2007 | 19,871 views

piggy – Download MS-SQL Password Brute Forcing Tool

Piggy is yet another tool for performing online password guessing against Microsoft SQL servers. It supports scanning multiple servers using a dictionary file or a file with predefined accounts (username and password combinations). It’s a pretty simple tool and has a Win32 binary verson – it is a command line tool however.

You can [...]

Continue Reading


21 June 2007 | 9,562 views

AOL Has An Odd Password System

An interesting snippet from last month, AOL seems to have a strangely configued password system. Users can enter up to 16 characters as a password, but the system only reads the first 8 and discards the rest. They are basically truncating the password at 8 characters. A reader wrote in Friday with an interesting observation: [...]

Continue Reading


18 May 2007 | 17,198 views

pwdump6 1.5.0 as well as fgdump 1.5.0 Released for Download

A while ago some updates of pwdump and fgdump were released, namely pwdump6 1.5.0 as well as fgdump 1.5.0. Version 1.5.0 of both programs takes advantage of some changes which makes them less likely to be detected by antivirus, at least as of today. This will be particularly helpful to those of you dealing with [...]

Continue Reading


23 March 2007 | 14,740 views

ObiWaN – Web Server Brute Forcing from Phenoelit

This Phenoelit tool called ObiWaN is written to carry out brute force security testing on Webservers. The idea behind this is webservers with simple challenge-response authentication mechanism mostly have no switches to set up intruder lockout or delay timings for wrong passwords. In fact this is the point to start from. Every user with a [...]

Continue Reading


13 March 2007 | 8,726 views

PwdHash from Stanford – Generate Passwords by Hashing the URL

The Common Password Problem. Users tend to use a single password at many different web sites. By now there are several reported cases where attackers breaks into a low security site to retrieve thousands of username/password pairs and directly try them one by one at a high security e-commerce site such as eBay. As expected, [...]

Continue Reading


14 February 2007 | 312,991 views

THC-Hydra – The Fast and Flexible Network Login Hacking Tool

THC-Hydra rocks, it’s pretty much the most up to date and currently developed password brute forcing tool around at the moment. It supports a LOT of services and protocols too. Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallelized login cracker which supports numerous protocols [...]

Continue Reading


06 January 2007 | 33,548 views

LMCrack – Windows LanMan Hash Cracker Tool with Download

As a security consultant, job functions include Penetration Testing and Vulnerability Assessments. The aim of these types of engagements is to demonstrate risk to the customer. One of the steps involved in demonstrating risk is password auditing (“cracking”) in order to assess the strength and quality of passwords in use in the environment. On a [...]

Continue Reading


02 January 2007 | 227,067 views

Cain & Abel – Download the Super Fast and Flexible Password Cracker with Network Sniffing

Cain & Abel is easily one of our favourite password crackers here at Darknet, especially because it’s oldskool but still under development, unlike most other projects which have been abandoned as time passed. Cain & Abel has some awesome stuff built in like native network sniffing and network password grabbing. Cain & Abel is a [...]

Continue Reading