Password / Word lists
Posted September 19, 2009 – 10:00 in: Room362, syndicatedBrute force, even though it’s gotten so fast, is still a long way away from cracking long complex passwords. That’s were word lists come in handy. It’s usually the crackers first go-to solution, slam a word list against the hash, if that doesn’t work, try rainbow tables (if they happen to have the tables for [...]
No Comments | Tags:Corrections and Questions about Nessus on Securabit
Posted September 19, 2009 – 10:00 in: Room362, syndicated*Update* I can’t say with 100% certainty that Nessus ever used NMAP as it’s base scanner, I was going off of memory. I apologize for not being perfect.
*Update 2* Since people can’t seem to let it go, I would say that I was totally wrong and the nmap was absolutely never used in nessus ever, [...]
GPU Hash / Password Cracking
Posted September 19, 2009 – 10:00 in: Room362, syndicatedI recently upgraded my video card and had a rough time finding programs that fit the hype of GPU password cracking, so here is what I found so that you won’t have as hard a time.
Ivan Golubev’s SHA1/MD5/MD4 cracker:
http://www.golubev.com/hashgpu.htm
Ivan Golubev’s RAR pass cracker:
http://www.golubev.com/rargpu.htm
CUDA Multiforcer (down at the time of this posting)
http://www.cryptohaze.com/bruteforcers.php
BarsWF – MD5 Cracker:
http://3.14.by/en/md5
GPU [...]
Pass the Hash Metasploit Demo
Posted September 19, 2009 – 10:00 in: Room362, syndicatedHere is a quick no nonsense PTH video I made for the guys over at SecurityAegis
Music is Scott Brown’s contribution to the Happy 2b Hardcore Chapter Four album called “Elysium”
© mubix for Room362.com, 2009. |
Permalink |
2 comments |
Add to
del.icio.us
Post tags:
Via Mubix from Room362.com
No Comments | Tags:Simplicity is Security
Posted September 19, 2009 – 10:00 in: Room362, syndicatedPer the best of the best in presenting, what breeds a good presentation slide deck? Simplicity
I want to pose a statement. “Simplicity is Security”. The reason I say this is that this day in age, at least in the US, ‘convenience’ is king. And we try to protect those conveniences with ’security’. Let me start [...]
Applied Network Security Density
Posted August 13, 2009 – 03:26 in: Room362, syndicatedI recently visited Tokyo, Japan. Just as always, my curiosity got the best of me and I started to calculate the population density of the buildings where I was staying. Giving fudge factor of non-populated apartments, I estimated 8,500 families in twelve 15 story buildings, living in a 1.5 mile square piece of land.That’s CRAZY. [...]
No Comments | Tags:Sexism and the religion of hackers
Posted July 13, 2009 – 11:36 in: Room362, syndicatedLet me preempt this post with the following facts: I am a white male veteran with amazing parents. I went to a good school, and was never under-valued by the people I cared about. I fit no minority profiles in other words. I tell you this so that you can latch on to it as [...]
No Comments | Tags:Local Security – DC-NoVA-MD
Posted June 29, 2009 – 15:18 in: Room362, syndicatedLooking for local events?
I’ve gotten a lot of people asking me recently where the local events are in DC, and I almost every time turn them to the awesome http://www.novainfosecportal.com/ which is hands down the best source for local events for the DC-NoVA-MD area, not just NoVA.
Grecs (follow him on twitter) does an amazing job at [...]
Metasploit Framework as a Payload
Posted June 25, 2009 – 21:45 in: Room362, syndicatedWell, sorta…
I created a meterpreter script that takes the cygwin bundled version of Metasploit inside of a NullSoft installer that HD Moore created and deploys it using meterpreter to the compromised host, extracts/installs it, and runs the shell. Now I left this intentionally open so that you could package your own cygwin bundle (possibly with [...]
Security Tools I’m Looking For Part I
Posted June 17, 2009 – 07:14 in: Room362, syndicatedThere are a lot of tools that I find in my endeavors would be really helpful, but can’t find on the net for whatever reason.
A portable version of of tshark that has ARP spoofing capabilities. I want to be able to drop the file, issue the arguments and pull the pcap back.
A application that can [...]
