November 3rd, 2009

Using Cloud Computing To Crack Passwords – Amazon’s EC2

Now this is interesting a proper mathematical calculation for using cloud computing to crack passwords, now Amazon has opened up their EC2 (Elastic Compute Cloud) the cost of massive parallel processing power has come right down.
And guess what, someone thought of using it to crack passwords. It seems the cut-off would be a 12 character [...]

October 29th, 2009

KrbGuess – Guess/Enumerate Kerberos User Accounts

KrbGuess is a small and simple tool which can be used during security testing to guess valid usernames against a Kerberos environment. It allows you to do this by studying the response from a TGT request to the KDC server. The tool works against both Microsoft Active Directory, MIT and Heimdal Kerberos implementations. In addition [...]

September 26th, 2008

Brits Give Up Passwords For a £5 Gift Voucher

So it turns out you don’t need any fancy password cracking software like John the Ripper or Cain and Abel you just need a handful of £5 gift vouchers for Marks and Spencers!
But we had discussed this in part before, some people will give out their passwords if you just ask, some if you offer [...]

April 25th, 2008

Chocolate Owns Your Passwords

The same old story, if you ask people for something they will most likely give it without thinking of the consequences..
Even more so if you are a pretty girl, and in this case you offer someone chocolate. Hey who doesn’t love chocolate? I have to say I don’t love it enough to give out my [...]

March 13th, 2007

PwdHash from Stanford – Generate Passwords by Hashing the URL

The Common Password Problem.
Users tend to use a single password at many different web sites. By now there are several reported cases where attackers breaks into a low security site to retrieve thousands of username/password pairs and directly try them one by one at a high security e-commerce site such as eBay. As expected, this [...]

May 3rd, 2006

Medusa Password Cracker Version 1.1 Now Available For Download

Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net. It currently has modules for the following services: CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, NCP (NetWare), PcAnywhere, POP3, PostgreSQL, rexec, rlogin, rsh, SMB, SMTP (VRFY), SNMP, SSHv2, SVN, Telnet, VmAuthd, VNC, and a generic wrapper module.

While Medusa [...]

May 2nd, 2006

Microsoft Shelves Support for RSA SecurID in Vista

Switchback? For the worst? Aww Microsoft would never compromise our security for the sake of convenience or their profit line right?

Microsoft has shelved plans to include native support for RSA’s SecurID tokens in Windows Vista, even though the company has been trialling the technology for almost two years.
In February 2004, Microsoft chairman Bill Gates announced [...]

April 18th, 2006

Photos as Visual Passwords Could Foil Hackers?

I’ve tried out a few of these visual recognition password technique things, and to tell you the truth they didn’t work for me, not at all.
I clicked the requisite 3-4 spots on the image, and remembered them, but when I tried to login it wouldn’t accept it.

A password that uses images instead of numbers could [...]


Sitemap - ShaolinTiger - DigiSniper - Digital Photography
Shutter Asia Photography Forum - We Ate This