New online service for password hacking
Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: New online service for password hacking

  1. #1
    Member
    Join Date
    Aug 2005
    Posts
    98

    New online service for password hacking

    See:

    http://www.theregister.co.uk/2005/11...ssword_hashes/

    Some enterprising people have decided to make money out of providing people with the ability to obtain passwords from hashes.

    The malicious user still needs to be able to obtain the password hash, meaning they either need to sniff it or have physical access to the box so your other controls will hopefully protect you but......

    What are the possible uses of this system except for providing people with the ability to crack passwords for a malicious reason. I can't think of a reason why this service could be used for a legitimate purpose.

    Let me know if I am missing something though??

  2. #2
    Banned
    Join Date
    Jun 2005
    Posts
    445
    Well... I have occasionally had to break into machines for legitimate purposes.


    Users occasionally forget their passwords, and if there is only one account on the machine...

  3. #3
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130
    Shrekkie's (now known as Raiden) website had one up for a while, though just for MD5 hashes. It's down right now due to a lack of disk space and RAM, but it was up not too long ago, and worked magically...

    If Shrekkie can do it, anyone can
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

  4. #4
    Member
    Join Date
    Aug 2005
    Posts
    98
    D0pp -
    Yeah I thought about that too but if you are going to use this service you still need the password hash - Which you will need to log onto the box to obtain (unless you have a backup of your password hash somewhere - which I doubt would be likely).

  5. #5
    Senior Member
    Join Date
    Oct 2003
    Posts
    394
    Nice but.... finger prints and usb keys become be used more now.... I do not know how that kind of info is stored in computer.... but I think that is limitation for that service...
    It is not always now that is if you can crack then you can use....
    You can crack but cannot use.....

    Yes it is legal way to that but just on computer that is yours or you have rights to do that.
    "Rights" is key.. but still each contry has own rulls. So some of users need to check up it if it is legal there.
    // too far away outside of limit

  6. #6
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130
    All you actually need is some method of booting the machine without using the hard drive. A live cd will work, as will a boot floppy with the capability to read the SAM database. You can also just take the hard drive out and place it in another computer to read it.

    If you have physical access to the machine, you can get anything you want off the hard drive. It's really that simple.
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

  7. #7
    Member
    Join Date
    Aug 2005
    Posts
    98
    True - Ok I didn't think of live CD if you have forgotten the password of the 1 account on the system then this service could be useful.

    But you have to pay a yearly subscription fee, is anyone actually going to pay such a fee just in case they forget their password?

    I just think that (if people sign up for this service) the overwhelming use of this service will be for cracking others passwords that have been obtained either illegally or without the other individuals consent.

    I would hope that most corporates or Govts have an appropriate level of additional controls to make this a non issue, just thinking about home users and the potential risks for them.
    Mind you for most of the uneducated home users I know, there are plenty of easier ways that they will be exploited!!

  8. #8
    Senior Member
    Join Date
    Oct 2003
    Posts
    394
    If you are home user that cannot much about computer and you have password on you windows account, so it is easy to reset it with windows build in tool....

    1) push "ctrl+alt+del" two time in login screen, so it will change to-> User and Password box.
    2) Write in User name "Administrator" in can be different deppends on what language that OS is, (in that case translate Administrator into your language)
    3) No password need, just push Enter
    4) In console you can use "start control userpasswords2" or in run menu "control userpasswords2"
    5) then chose account where you want to reset password, you will se "Reset Password" butten there.

    Easy...... , windows helps do it for free....
    // too far away outside of limit

  9. #9
    Senior Member
    Join Date
    Oct 2005
    Posts
    197
    Resetting passwords via a linux boot disk works too well. I see no problems with that but I do think that normal users wont need this site really. I think of it as any other tool out there like a gun for example, guns dont kill people. People kill people. This site might be like any other offencive tool that could be used for wrong doing. Its kinda in the grey area.
    meh. -ech0.

  10. #10
    AFLAAACKKK!!
    Join Date
    Apr 2004
    Posts
    1,066
    This site requires a yearly fee?? Sorry but most malicious users are not going to pay for this service... mainly because there are a number of other ways and free software out there that will do it for you... Might take longer, but it's free... There's also ways to make password cracking clusters to make the process faster... there's a tutorial on AO about that somewhere...

    It seems they have made a yearly fee because A: they want to make money and B: it will help keep malicious people away...
    I am the uber duck!!1
    Proxy Tools

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •