Jump to content

m3g9tr0n

Members
  • Content count

    5
  • Joined

  • Last visited

6 Followers

About m3g9tr0n

  • Rank
    Newbie
  • Birthday 05/04/1980

Previous Fields

  • Γλώσσες προγραμματισμού
    C, Assembly, Cisco IOS commands, VHDL and SQL.

Profile Information

  • Gender
    Male
  • Interests
    I am passionate about computer programming, high performance computing, Network Security, Cisco IOS research, exploit writing, reversing and test new technological fields especially GPU capabilities!!!
  1. m3g9tr0n

    Php Ide

    In my opinion, there is also a powerful IDE which called solaris studio.With the suitable plugins you can do everything!
  2. In this topic I will demonstrate how you can make John the Ripper an ultimate cracking tool with the help of Jumbo Patch and MPI on Linux. If you have not ever heard about John the Ripper then this link will help you to your first acquintance with this awesome password cracking tool. When I heard about John the Ripper, it was two years ago, the first searching result that google appered to me was the official website of Solar Designer, the inspirator and creator of John the Ripper, which can be found there. I have to admit that the abilities of this cracking tool made to really love that tool. However, there was a little problem. John the Ripper was operating only in CPU mode and worse the unpatched version could operate only with one core of CPU. In addition, the cracking variety was restricted in few kind of passwords (But even in this mode Windows Passwords are truly cracked very quickly especially LM hashes ;) ).One day, when I was reading a penetration testing report about Lotus Domino Servers I read that John the Ripper is able to crack Lotus Domino hashes with the help of Jumbo Patch.I did not lose the opportunity and first I searched about it in order to explore this Jumbo Patch. The steps for patching John with Jumbo patch are the following: 1)Download the Latest Version of John the Ripper from there. 2)From the same location download the Jumbo patch. At the current time that this topic is written the version of Jumbo patch is 12. 3)Extract John the Ripper into a directory of your preferece by applying tar xzvf john-VERSION.tar.gz in terminal. 4)Navigate with the "cd" command to John the Ripper's Folder and then to src folder. 5)Compile with make and select your architecture.On my Linux based distribution I always select "linux-x86-sse2 Linux, x86 with SSE2 (best if 32-bit)" 6)Then type: make clean SYSTEM (Where system is the appropriate make Target).In that phase, we just completed the normal installation of John the Ripper but do not worry about the patch it is also simple. 7)To apply the contributed patch copy the jumbo patch that you downloaded from step 2 to the same directory of John the Ripper and then issue the following commands (if gzip utility is not installed, install this through your software repositories or from an rpm or deb packet): gzip -dc ../john-VERSION-WHAT-REVISION.diff.gz | patch -p1 (where VERSION, WHAT, and REVISION are parts of the patch file name). patch -p1 < ../john-VERSION-WHAT-REVISION.diff (where VERSION, WHAT, and REVISION are parts of the patch file name). The option is letter p followed by digit 1 (one), meaning to strip one leading directory name (the top-level directory for our source tree) from pathnames specified in the patch file. At this point, you have to re-compile again John the Ripper by executing the corresponding instruction reported in steps 4, 5 and 6. If everything went well then Gongratulations you just installed John the Ripper With Jumbo Patch.By applying this patch, John the Ripper now is able to crack different kind of passwords including md5, sha1, lotus domino hashes, Joomla Passwords and others.But there is one more step to accomplish our building process. 8)In order to make John the Ripper an Ultimate cracking tool we have to make one more patch referring to MPI. At the current time the version of MPI patch can be downloaded from there. The installation of MPI patch is the same that was mentioned in step 7 and of course by making this additional patch you have to rebuild John the Ripper again. Furthemore, the following packages are required for MPI: 1) libmpich1.0-dev - mpich static libraries and development files 2) libmpich-mpd1.0-dev - mpich static libraries and development files 3) libmpich-shmem1.0-dev - mpich static libraries and development files 4) mpich2 - Implementation of the MPI Message Passing Interface standard 5) mpich2-doc - Documentation for MPICH2 6) openssh-server - secure shell (SSH) server, for secure access from remote machines (It is necessary for Local Network cracking Process which is not needed for now) 7) build-essentials - Informational list of build-essential packages You can install them manually or through from your Software Package Manager. At this phase, if you did not issue any problem about installation then I am proud to announce you that you made John the Ripper the Ultimate Cracking Tool.A little proof of concept is enough to convince you. [email protected]:/home/user/john-1.7.6-3/run#mpirun -np <Your Processor's Cores in my case 4> ./john --test Benchmarking: Traditional DES [128/128 BS SSE2] (MPI, 4 nodes)... DONE Many salts: 9337K c/s real, 9245K c/s virtual Only one salt: 7856K c/s real, 7856K c/s virtual Benchmarking: BSDI DES (x725) [128/128 BS SSE2] (MPI, 4 nodes)... DONE Many salts: 311936 c/s real, 311936 c/s virtual Only one salt: 303616 c/s real, 303616 c/s virtual Benchmarking: FreeBSD MD5 [32/32] (MPI, 4 nodes)... DONE Raw: 37619 c/s real, 37998 c/s virtual Benchmarking: OpenBSD Blowfish (x32) [32/32] (MPI, 4 nodes)... DONE Raw: 2277 c/s real, 2323 c/s virtual Benchmarking: Kerberos AFS DES [48/64 4K MMX] (MPI, 4 nodes)... DONE Short: 1040K c/s real, 1040K c/s virtual Long: 3543K c/s real, 3543K c/s virtual Benchmarking: LM DES [128/128 BS SSE2] (MPI, 4 nodes)... DONE Raw: 46154K c/s real, 46154K c/s virtual Benchmarking: NT MD4 [128/128 SSE2 + 32/32] (MPI, 4 nodes)... DONE Raw: 64353K c/s real, 64353K c/s virtual Benchmarking: Mac OS X 10.4+ salted SHA-1 [32/32] (MPI, 4 nodes)... DONE Many salts: 13422K c/s real, 13422K c/s virtual Only one salt: 12333K c/s real, 12333K c/s virtual Benchmarking: M$ Cache Hash [Generic 1x] (MPI, 4 nodes)... DONE Many salts: 78499K c/s real, 78499K c/s virtual Only one salt: 30058K c/s real, 30058K c/s virtual Benchmarking: M$ Cache Hash 2 [Generic 1x] (MPI, 4 nodes)... DONE Raw: 360 c/s real, 360 c/s virtual Benchmarking: Apache MD5 [32/32] (MPI, 4 nodes)... DONE Raw: 38450 c/s real, 38450 c/s virtual Benchmarking: HMAC MD5 SSE2 [hmac-md5 SSE2] (MPI, 4 nodes)... DONE Raw: 12523K c/s real, 12523K c/s virtual Benchmarking: Post.Office MD5 [sTD] (MPI, 4 nodes)... DONE Many salts: 14806K c/s real, 14806K c/s virtual Only one salt: 13966K c/s real, 13966K c/s virtual Benchmarking: Raw MD5 SSE2 [raw-md5 SSE2 16x4] (MPI, 4 nodes)... DONE Raw: 41539K c/s real, 41539K c/s virtual Benchmarking: md5_gen(0): md5($p) (raw-md5) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Raw: 41039K c/s real, 41450K c/s virtual Benchmarking: md5_gen(1):md5($p.$s) (joomla) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Many salts: 31475K c/s real, 31475K c/s virtual Only one salt: 25898K c/s real, 25898K c/s virtual Benchmarking: md5_gen(2): md5(md5($p)) (e107) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Raw: 21458K c/s real, 21458K c/s virtual Benchmarking: md5_gen(3): md5(md5(md5($p))) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Raw: 14452K c/s real, 14452K c/s virtual Benchmarking: md5_gen(4): md5($s.$p) (OSC) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Many salts: 38648K c/s real, 38648K c/s virtual Only one salt: 30505K c/s real, 30505K c/s virtual Benchmarking: md5_gen(5): md5($s.$p.$s) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Many salts: 33489K c/s real, 33827K c/s virtual Only one salt: 27149K c/s real, 27703K c/s virtual Benchmarking: md5_gen(6): md5(md5($p).$s) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Many salts: 44425K c/s real, 44873K c/s virtual Only one salt: 16888K c/s real, 17233K c/s virtual Benchmarking: md5_gen(7): md5(md5($p).$s) (vBulletin) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Many salts: 42888K c/s real, 43321K c/s virtual Only one salt: 17838K c/s real, 17838K c/s virtual Benchmarking: md5_gen(8): md5(md5($s).$p) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Many salts: 36126K c/s real, 36491K c/s virtual Only one salt: 30107K c/s real, 30107K c/s virtual Benchmarking: md5_gen(9): md5($s.md5($p)) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Many salts: 35414K c/s real, 35414K c/s virtual Only one salt: 17669K c/s real, 17669K c/s virtual Benchmarking: md5_gen(10): md5($s.md5($s.$p)) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Many salts: 18313K c/s real, 18313K c/s virtual Only one salt: 16483K c/s real, 16483K c/s virtual Benchmarking: md5_gen(11): md5($s.md5($p.$s)) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Many salts: 18692K c/s real, 18692K c/s virtual Only one salt: 16666K c/s real, 16666K c/s virtual Benchmarking: md5_gen(12): md5(md5($s).md5($p)) (IPB) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Many salts: 14942K c/s real, 14942K c/s virtual Only one salt: 9566K c/s real, 9566K c/s virtual Benchmarking: md5_gen(13): md5(md5($p).md5($s)) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Many salts: 14925K c/s real, 14925K c/s virtual Only one salt: 9572K c/s real, 9572K c/s virtual Benchmarking: md5_gen(14): md5($s.md5($p).$s) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Many salts: 31421K c/s real, 31421K c/s virtual Only one salt: 16539K c/s real, 16539K c/s virtual Benchmarking: md5_gen(16): md5(md5(md5($p).$s).$s2) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Many salts: 20614K c/s real, 20614K c/s virtual Only one salt: 12255K c/s real, 12134K c/s virtual Benchmarking: md5_gen(17): phpass ($P$ or $H$) SSE2 [sSE2 4x4 (.S)] (MPI, 4 nodes)... DONE Raw: 26502 c/s real, 26768 c/s virtual Benchmarking: md5_gen(18): md5($s.Y.$p.�.$s) (Post.Office MD5) SSE2 [128x1 (MD5_Go)] (MPI, 4 nodes)... DONE Many salts: 13016K c/s real, 13847K c/s virtual Only one salt: 13122K c/s real, 13255K c/s virtual Benchmarking: md5_gen(1001) md5(md5(md5(md5($p)))) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Raw: 10104K c/s real, 10206K c/s virtual Benchmarking: md5_gen(1002) md5(md5(md5(md5(md5($p))))) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Raw: 8705K c/s real, 8705K c/s virtual Benchmarking: md5_gen(1003) md5(md5($p).md5($p)) SSE2 [128x1 (MD5_Go)] (MPI, 4 nodes)... DONE Raw: 8268K c/s real, 8268K c/s virtual Benchmarking: md5_gen(1004) md5(md5(md5(md5(md5(md5($p)))))) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Raw: 7273K c/s real, 7273K c/s virtual Benchmarking: md5_gen(1005) md5(md5(md5(md5(md5(md5(md5($p))))))) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Raw: 6189K c/s real, 6251K c/s virtual Benchmarking: md5_gen(1006) md5(md5(md5(md5(md5(md5(md5(md5($p)))))))) SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Raw: 5473K c/s real, 5473K c/s virtual Benchmarking: md5_gen(1008) md5($p.$s) [joomla] SSE2 [sSE2 32x4 (.S)] (MPI, 4 nodes)... DONE Many salts: 31456K c/s real, 31456K c/s virtual Only one salt: 25945K c/s real, 25945K c/s virtual Benchmarking: PHPass MD5 SSE2 [phpass-MD5 SSE2] (MPI, 4 nodes)... Using phpass mode, by linking to md5_gen(17) functions DONE Many salts: 14415 c/s real, 14560 c/s virtual Only one salt: 14447 c/s real, 14592 c/s virtual Benchmarking: IPB2 MD5 [invision Power Board 2.x salted MD5] (MPI, 4 nodes)... DONE Many salts: 13145K c/s real, 13145K c/s virtual Only one salt: 7915K c/s real, 7915K c/s virtual Benchmarking: Raw SHA-1 SSE2 [raw-sha1 SSE2] (MPI, 4 nodes)... DONE Raw: 33316K c/s real, 32986K c/s virtual Benchmarking: Generic salted SHA-1 [32/32] (MPI, 4 nodes)... DONE Many salts: 12843K c/s real, 12843K c/s virtual Only one salt: 12566K c/s real, 12566K c/s virtual Benchmarking: Raw MD4 [32/32] (MPI, 4 nodes)... DONE Raw: 25871K c/s real, 25871K c/s virtual Benchmarking: Generic salted MD4 [32/32] (MPI, 4 nodes)... DONE Many salts: 25328K c/s real, 25328K c/s virtual Only one salt: 24299K c/s real, 24299K c/s virtual Benchmarking: Kerberos v4 TGT [krb4 DES] (MPI, 4 nodes)... DONE Raw: 6738K c/s real, 6738K c/s virtual Benchmarking: Kerberos v5 TGT [krb5 3DES (des3-cbc-sha1)] (MPI, 4 nodes)... DONE Raw: 96202 c/s real, 96202 c/s virtual Benchmarking: Netscape LDAP SHA SSE2 [sHA-1] (MPI, 4 nodes)... DONE Raw: 35379K c/s real, 35736K c/s virtual Benchmarking: Netscape LDAP SSHA SSE2 [salted SHA-1] (MPI, 4 nodes)... DONE Many salts: 43511K c/s real, 44399K c/s virtual Only one salt: 30695K c/s real, 31005K c/s virtual Benchmarking: OpenLDAP SSHA [salted SHA-1] (MPI, 4 nodes)... DONE Many salts: 13184K c/s real, 13184K c/s virtual Only one salt: 12596K c/s real, 12596K c/s virtual Benchmarking: Eggdrop [blowfish] (MPI, 4 nodes)... DONE Raw: 65299 c/s real, 65299 c/s virtual Benchmarking: Oracle [oracle] (MPI, 4 nodes)... DONE Raw: 1520K c/s real, 1520K c/s virtual Benchmarking: Oracle 11g [oracle11] (MPI, 4 nodes)... DONE Many salts: 13658K c/s real, 13658K c/s virtual Only one salt: 12632K c/s real, 12632K c/s virtual Benchmarking: MYSQL [mysql] (MPI, 4 nodes)... DONE Raw: 12506K c/s real, 12506K c/s virtual Benchmarking: MySQL 4.1 double-SHA-1 SSE2 [mysql-sha1 SSE2] (MPI, 4 nodes)... DONE Raw: 18314K c/s real, 18314K c/s virtual Benchmarking: Lotus5 [Lotus v5 Proprietary] (MPI, 4 nodes)... DONE Raw: 709563 c/s real, 709563 c/s virtual Benchmarking: More Secure Internet Password [RSA MD defined by BSAFE 1.x - Lotus v6] (MPI, 4 nodes)... DONE Many salts: 405265 c/s real, 409318 c/s virtual Only one salt: 243717 c/s real, 243717 c/s virtual Benchmarking: LM C/R DES [netlm] (MPI, 4 nodes)... DONE Many salts: 1456K c/s real, 1456K c/s virtual Only one salt: 1438K c/s real, 1438K c/s virtual Benchmarking: NTLMv1 C/R MD4 DES [netntlm] (MPI, 4 nodes)... DONE Many salts: 2222K c/s real, 2222K c/s virtual Only one salt: 2143K c/s real, 2143K c/s virtual Benchmarking: LMv2 C/R MD4 HMAC-MD5 [netlmv2] (MPI, 4 nodes)... DONE Many salts: 2424K c/s real, 2424K c/s virtual Only one salt: 2364K c/s real, 2364K c/s virtual Benchmarking: NTLMv2 C/R MD4 HMAC-MD5 [netntlmv2] (MPI, 4 nodes)... DONE Many salts: 2171K c/s real, 2171K c/s virtual Only one salt: 2226K c/s real, 2226K c/s virtual Benchmarking: HalfLM C/R DES [nethalflm] (MPI, 4 nodes)... DONE Many salts: 3610K c/s real, 3610K c/s virtual Only one salt: 3523K c/s real, 3558K c/s virtual Benchmarking: MSCHAPv2 C/R MD4 DES [mschapv2] (MPI, 4 nodes)... DONE Many salts: 2175K c/s real, 2220K c/s virtual Only one salt: 2097K c/s real, 2118K c/s virtual Benchmarking: MS-SQL SSE2 [ms-sql SSE2] (MPI, 4 nodes)... DONE Many salts: 44950K c/s real, 44950K c/s virtual Only one salt: 31758K c/s real, 31758K c/s virtual Benchmarking: MS-SQL05 SSE2 [ms-sql05 SSE2] (MPI, 4 nodes)... DONE Many salts: 44680K c/s real, 44680K c/s virtual Only one salt: 32427K c/s real, 32427K c/s virtual Benchmarking: EPiServer SID Hashes [sHA-1] (MPI, 4 nodes)... DONE Many salts: 13753K c/s real, 13753K c/s virtual Only one salt: 13112K c/s real, 13112K c/s virtual Benchmarking: PHPS MD5 SSE2 [MD5(MD5($pass).$salt) SSE2] (MPI, 4 nodes)... Using phps mode, by linking to md5_gen(6) functions DONE Many salts: 27428K c/s real, 27428K c/s virtual Only one salt: 11205K c/s real, 11205K c/s virtual Benchmarking: MYSQL_fast [mysql-fast] (MPI, 4 nodes)... DONE Raw: 87516K c/s real, 87516K c/s virtual Benchmarking: PIX MD5 SSE2 [pix-md5 SSE2] (MPI, 4 nodes)... DONE Raw: 37780K c/s real, 37780K c/s virtual Benchmarking: SAP CODVN G (PASSCODE) [sapg] (MPI, 4 nodes)... DONE Many salts: 4402K c/s real, 4402K c/s virtual Only one salt: 4188K c/s real, 4188K c/s virtual Benchmarking: SAP BCODE [sapb] (MPI, 4 nodes)... DONE Many salts: 6904K c/s real, 6904K c/s virtual Only one salt: 5594K c/s real, 5594K c/s virtual Benchmarking: Netscreen MD5 [NS MD5] (MPI, 4 nodes)... DONE Raw: 17918K c/s real, 17918K c/s virtual Benchmarking: HTTP Digest access authentication [HDAA-MD5] (MPI, 4 nodes)... DONE Many salts: 6350K c/s real, 6350K c/s virtual Only one salt: 6216K c/s real, 6216K c/s virtual Benchmarking: generic crypt(3) [?/32] (MPI, 4 nodes)... DONE Many salts: 681696 c/s real, 681696 c/s virtual Only one salt: 674756 c/s real, 681504 c/s virtual Enjoy and share with free mind!!!
  3. Actually the IP 77.49.xx.xx is not a class B IP address since you do not provide to us the subnet mask...I give you the following statements in order to clear the CLASSES of the IP address: * CLASS A 1-127 (0.0.0.0 - 127.0.0.0) with /8 prefix or 255.0.0.0 default subnet mask. In the above case the usable (by excluding the Network and Broadcast addresses which are not usable for hosts) Hosts per Network are: 224-2 * CLASS B 128-191 (128.0.0.0 - 191.255.0.0) with /16 prefix or 255.255.0.0 default subnet mask In the above case the usable hosts per subnet (Network) are 216-2 * CLASS C 192-223 (192.0.0.0 - 223.255.255.0) with prefix /24 or 255.255.255.0 default subnet mask In the above case the usable hosts per subnet are 28-2 In addition there are CLASS D Multicast addresses with range from 224-239 and CLASS E experimental addresses with range from 240-255 referring to first octet of the IP. It may be not relevant with the above statements but here i show the ranges for the PRIVATE IP addresses blocks: * 10.0.0.0 - 10.255.255.255 (With /8 prefix or 255.0.0.0 subnet mask) * 172.16.0.0 - 172.31.255.255 (With /12 prefix or 255.240.0.0 subnet mask) * 192.168.0.0 - 192.168.255.255 (With /24 prefix or 255.255.255.0 subnet mask) Furthermore, I have to say that you article is very clever and very nice!Honestly it gave me a new way of thinking about remote penetration testing!!!For these reasons two thumbs up from me!!!!
  4. In this article I analyze and evaluate the most important families of computer viruses for educational purposes!!Enjoy and share knowledge with free mind!!! Download link: http://dl.dropbox.com/u/22275017/Computer%20Viruses.pdf
  5. In this topic I will demonstrate how to write a simple penetration testing report!Like I said it is "simple" because its purpose is for educational purposes and was written when I was in college!Professional penetration testers will make a better report than mine because my penetration testing report concentrates to an hypothetical company located in Greece!Ok i said enough about it so let's go to the topic and I hope that you will enjoy this mix of knowledge! Download Link: http://dl.dropbox.com/u/22275017/Penetration%20Testing%20Report.pdf
×