From: Boogiebruva (boogiebruva@yahoo.co.uk)
Date: Wed Feb 08 2006 - 11:36:06 EST
It all depends on the hacking ability of the attacker as well. Most script
kiddies will probably use LC5 or Cain in a windows environment whereas more
experienced attackers will probably prefer John the Ripper or Rainbow Tables
on a Linux/UNIX box. Even then, LC5 and Cain are such good programs, that
I've seen plenty of very knowledgeable security pros using them. And no, not
every one of them paid for LC5!
-----Original Message-----
From: ROB DIXON [mailto:RDIXON@workforcewv.org]
Sent: martes, 07 de febrero de 2006 19:04
To: stark192@hotmail.com; pen-test@securityfocus.com
Subject: Re: Rainbow Tables
Hey Tony,
The "others" should be informed that the malicious attacker is most
likely to NOT use "commercial" products.
And that for a true benchmark, maybe use the products that a malicious
attacker would use. Most of which will probably be open source or free at
the least. That is assuming that they are not writing their own software. ;)
I guess I'm asking, how do you justify "not" using free products?
You can buy pre-computated rainbow tables, but there are different
rainbowtables for different types of hashes. Example: ntlm, ntlmv2, sha1 ,
md5, etc.
cheers,
New Guy
Robert L. Dixon, CSO
CHFI A+
State of West Virginia's
West VIriginia Office of Techonology
Infrastructure Applications
Netware/GroupWise Administrator
Telephone: (304)-558-5472 ex.4225
Email:rdixon@workforcewv.org
>>> <stark192@hotmail.com> >>>
Hello,
Trying to crack our password list at work, it's a long story, but it has
been put on a higher priority. I've been looking for some good pre-computed
hash tables, like Rainbow tables, that will work with LC5. Does anyone have
a source?
I'd like to use RainbowCrack but others want to stick to commercial
products.
Thanks,
Tony
----------------------------------------------------------------------------
-- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ---------------------------------------------------------------------------- --- ---------------------------------------------------------------------------- -- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ---------------------------------------------------------------------------- --- __________ NOD32 1.1399 (20060208) Information __________ This message was checked by NOD32 antivirus system. http://www.eset.com ___________________________________________________________ Yahoo! Photos – NEW, now offering a quality print service from just 8p a photo http://uk.photos.yahoo.com ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:28 EDT