-
May 22nd, 2002, 09:25 PM
#1
Password Cracker
Does anyone know of a password cracker, that runs on windows, and cracks Unix/Linux password files?
The reason why, is because, I would like to see how secure my password is for my website. If there isn't one that does that. How can I make a password on windows, and use a windows password cracker, to audit it?
-
May 22nd, 2002, 09:43 PM
#2
Senior Member
I think somewhere in the MISC forum was a post for a web based cracking utility that allowed you to enter the MS hash of your password.
Edit: here it is
http://www.sec33.com/modules.php?name=IPC
As far as I would imagine, password complexity is just that...and not dependent upon operating system.
Otherwise, L0phtCrack does have a trial version that does everything but brute force. I assume your password is at least going to pass the dictionary and dictionary+numbers attack that the trial does.
-
May 22nd, 2002, 09:44 PM
#3
search google or astalavista.com
-
May 22nd, 2002, 10:47 PM
#4
I imagine that a password cracker could be on windows against linux/unix or you could run it on unix against your localhost. I don't use many of these tools. I imagine a brute force attack could eventually gain access (assuming the account does not get locked after x failed attempts).
Cheers,
Duncan
If you spend more on coffee than on IT security, you will be hacked. What\'s more, you deserve to be hacked.
-- former White House cybersecurity adviser Richard Clarke
-
May 22nd, 2002, 11:19 PM
#5
Try John the Ripper @ http://www.openwall.com/john/. It has *nix/win/dos versions and is considered to be one of the best password crackers around. There was an article on it today from Linux Security called "Psst... I know your password".
I think somewhere in the MISC forum was a post for a web based cracking utility that allowed you to enter the MS hash of your password.
Edit: here it is
http://www.sec33.com/modules.php?name=IPC
As far as I would imagine, password complexity is just that...and not dependent upon operating system.
Otherwise, L0phtCrack does have a trial version that does everything but brute force. I assume your password is at least going to pass the dictionary and dictionary+numbers attack that the trial does.
This is an NT password cracker and I cannot speculate on its efficiency since the source code has not been released. I remember there were some doubts about this when the link to this was first posted at AO.
OpenBSD - The proactively secure operating system.
-
May 23rd, 2002, 01:04 AM
#6
JohntheRipper just get a a couple good word lists first
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
May 23rd, 2002, 01:05 AM
#7
John The Ripper kicks butt!
-
May 23rd, 2002, 01:27 AM
#8
-
May 23rd, 2002, 03:32 AM
#9
I use L0PHT crack. Its pretty good but is kind of slow, if you look around you can get a copy for free. Search google or another search engine for the link to the site.
-
May 23rd, 2002, 03:37 AM
#10
Go here:
http://www.evadenet.com/downloads/lophtcrack.shtml
A direct d/l for lophtcrack.
PS... Dooh! Nevermind. I had my head up my a*$ and did'nt pay attention to the question. Lophtcrack runs on Win32 or Unix/Linux. But it's used to hit Password Dumps and SAMS on Win32 platforms. You want to nail a *nix box from win. I can't read tonight. Somebody slap me before I post again...................
The COOKIE TUX lives!!!!
Windows NT crashed,I am the Blue Screen of Death.
No one hears your screams.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|