There are some live CDs that are used to recover the Windows password (in case you forgot what it is), as well as for other things.
One of them is Ophcrack.
(Remember ERD Commander 2005?)
See how simple it is to use Ophcrack here.
More info:
http://home.eunet.no/~pnordahl/ntpasswd/
http://www.jms1.net/ie.shtml
http://geeksaresexy.blogspot.com/2005/12/auditing-your-users-passwords-for.html
http://www.ultimatebootcd.com/
http://sourceforge.net/projects/austrumi/
http://geeksaresexy.blogspot.com/2006/04/cracking-your-windows-sam-database-in.html
Saturday, December 22, 2007
What is my Windows password?
Thursday, November 8, 2007
Wednesday, September 19, 2007
Risk Assessment part 1
As promised, I will publish in the next days the summary of the lecture that I presented on 18/09/2007 at the Technion class.
It will include all the links, tools and highlights.
You will be more than welcome to comment if something is missing.
In general, more info can be found on:
1. http://www.microsoft.com/technet/security/topics/complianceandpolicies/secrisk/srsgch04.mspx (Security Risk Management Guide)
2. Michael J. Murphy's Web Log
Find security training events:
http://www.microsoft.com/seminar/events/security.mspx
Sign up for security communications:
http://www.microsoft.com/technet/security/signup/default.mspx
Order the Security Guidance Kit:
http://www.microsoft.com/security/guidance/order/default.mspx
Get additional security tools and content:
http://www.microsoft.com/security/guidance
Download MSAT ver 3.0 on:
http://www.microsoft.com/downloads/details.aspx?FamilyId=6D79DF9C-C6D1-4E8F-8000-0BE72B430212&displaylang=en
Friday, September 14, 2007
Recommended site of the week
This site was recommended by my friend ^E^.
You can find there some great simple tools for spoofing, port scanning, web security, wireless, honeypots, audits and more.
spoofing
http://www.hackerscenter.com/directory.asp?id=18
port scanning
http://www.hackerscenter.com/directory.asp?id=17
web security
http://www.hackerscenter.com/directory.asp?id=16
They have also released their ethical hackers tool kit.
Enjoy
Tuesday, September 4, 2007
Just some good basic downloads
Hi,
Recently I was asked to recommend some basic useful links.
I will present them shortly and give more details in the future.
Metasploit
http://framework.metasploit.com/msf/downloader/?id=framework-3.0.exe
Tor
http://tor.eff.org/dist/vidalia-bundles/vidalia-bundle-0.1.2.17-0.0.14.exe
Cain
http://www.oxid.it/cain.html
Nmap
http://download.insecure.org/nmap/dist/nmap-4.22SOC6-setup.exe
Ethereal
http://www.ethereal.com/distribution/win32/ethereal-setup-0.99.0.exe
Wednesday, August 29, 2007
Risk assessment & management
I am going to lecture at the Technion on “Risk assessment & management” on
- 18/09/2007
- 23/09/2007
The summary of the lectures will be published on 24/09/07.
More lecture subjects and dates will be published soon.
Tuesday, August 21, 2007
wild but not from the wild - viagra shell code
viagra shell code - By Jacky Altal ... and Davidi
----------------------------------
"Shellcode may be used as an exploit payload, providing a cracker with, typically, command line access to a computer system with the privileges of the process that has been exploited" - quoted from wikipedia.
We found ourselves using fixed payloads written by the Metasploit group (HD Moore, skape). Usually, the Download && Execute, Windows Execute Command, Windows Bind Shell and obviously the Reverse Shell are the easiest to understand, especially when you are new to the shell code area. In order to add some fun, here is a hearable shell code to add to the personal arsenal kit.
This is quite a big shell code and it can't be used on small buffers, but still...
Can't stop smiling while running my shell code again and again.
This is only a taste of the shell code source. You can find it all in the following link: HackingDefined
Credits Jacky Altal
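int main(void)
{
    // MSVC inline assembly (32-bit x86): two argument pairs, each passed to the same hard-coded address
    __asm {
        mov eax,345         // 159h
        mov ebx,392         // 188h
        push eax
        push ebx
        mov edx,0x7c837a77  // hard-coded function address, valid only on the Windows build it was taken from
        call edx
        mov eax,500         // 1f4h
        mov ebx,326         // 146h
        push eax
        push ebx
        mov edx,0x7c837a77
        call edx
    }
    return 0;
}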
Enjoy,
Sunday, August 19, 2007
.Net Password Cracking by Jacky Altal and Amir Davidi
Overview:
Papers say that 95% of .NET applications are vulnerable to a simple cracking method. In my experience most .NET applications are too easy to crack, and most of them are considered to be level-one cracking. I don't think that a high programming level should be required to accomplish this task. Actually it is much easier to crack .NET files than any other type of EXE. You are going to need a brain……
What are .NET assemblies?
- .NET assemblies (apps, DLLs) run on the .NET Framework
- .NET solutions/projects are compiled into MSIL (Microsoft Intermediate Language) and then assembled into a .NET assembly
Tools:
The .NET Framework comes with two important tools:
ILDASM - .NET disassembler
ILASM - .NET assembler
Logical Steps:
- .NET de-assembling
- MSIL code editing
- .NET re-assembling
Let's start cracking…………….InternetTV
1. Install the application.
2. Insert any password that you want and take a note of the error message.
3. Locate the exe file.
4. Open ILDASM.
5. Change (C)onditional jumps to the opposite value (82 to 83)
6. Re-assemble file
ILDASM
ILDASM is a Microsoft tool that is used to examine .NET assembly files. With ILDASM we can generate IL code from a given assembly file.
Let's open the InternetTV executable file:
C:\Program Files\Microsoft Visual Studio 8\SDK\v2.0\Bin>ildasm "C:\Documents and Settings\jacky\MyDocuments\VisualStudio2005\Projects\InternetTV\bin\Debug\AyalonHighWayViewer.exe" /out="c:\InternetTV.il" /text
Now we have a disassembly file, named InternetTV.il, that we can work on.
Open the new file (InternetTV.il) with your favorite editor and start editing it. Our goal is to remove the Secure Name Protection from the code and then search for the username and password values. This step is trivial and easy (if you want to understand more about the method, just google it). For now we will just remove it from our code and move on to the credential values.
Search for "publickey" and remove it (if it exists), then search for the Password and User fields. Get your values and you are set……
Re-Assembly
We will use ILASM (it comes with VS.NET) to reassemble our file:
C:\Program Files\Microsoft Visual Studio 8\SDK\v2.0\Bin>ilasm C:\ILCODE\InternetTV.il /resource=C:\ILCODE\InternetTV.res /output=C:\InternetTV.exe
Last step:
Copy the new InternetTV.EXE file to your installed directory and run it……….
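The procedure above works because a password that is compared inside the client ships as a plain `ldstr` literal in the IL, guarded by a single conditional branch. As an added example (not part of the original post), this Python script audits the ILDASM text dump of your own build for that pattern before release; the sample IL, the `audit_il` name and the three-instruction window are assumptions made for the illustration.

```python
import re

# Constructed sample of `ildasm /text` output; not taken from any real application.
SAMPLE_IL = r'''
.method private hidebysig instance void btnLogin_Click(object sender, class [mscorlib]System.EventArgs e) cil managed
{
  IL_0000:  ldarg.0
  IL_0001:  ldfld      class [System.Windows.Forms]System.Windows.Forms.TextBox Demo.LoginForm::txtPassword
  IL_0006:  callvirt   instance string [System.Windows.Forms]System.Windows.Forms.Control::get_Text()
  IL_000b:  ldstr      "EXAMPLE-not-a-real-secret"
  IL_0010:  call       bool [mscorlib]System.String::op_Equality(string, string)
  IL_0015:  brfalse.s  IL_0022
  IL_0017:  ldstr      "Welcome"
  IL_001c:  call       void Demo.LoginForm::ShowMain(string)
  IL_0021:  ret
  IL_0022:  ret
}
'''

INSTR = re.compile(r'^\s*(IL_[0-9a-f]{4}):\s+(\S+)\s*(.*)$')
COMPARE = ('String::op_Equality', 'String::Equals', 'String::Compare')

def audit_il(il_text, window=3):
    """Return (method, label, literal, branch_follows) for every string literal
    loaded within `window` instructions before a string comparison call."""
    method, instrs, findings = None, [], []
    for line in il_text.splitlines():
        if line.lstrip().startswith('.method'):
            # Assumes the method header sits on one line, as in the sample.
            m = re.search(r'(\w+)\(', line)
            method = m.group(1) if m else '?'
        m = INSTR.match(line)
        if m:
            instrs.append((method, *m.groups()))
    for i, (meth, label, op, arg) in enumerate(instrs):
        if op not in ('call', 'callvirt') or not any(c in arg for c in COMPARE):
            continue
        nxt = instrs[i + 1][2] if i + 1 < len(instrs) else ''
        branch = nxt.startswith(('brfalse', 'brtrue'))  # one branch decides access
        for pmeth, _, pop, parg in instrs[max(0, i - window):i]:
            if pop == 'ldstr' and pmeth == meth:
                findings.append((meth, label, parg.strip().strip('"'), branch))
    return findings

if __name__ == '__main__':
    for finding in audit_il(SAMPLE_IL):
        print(finding)
```

A finding means the secret ships with the binary; move the check to a server the user does not control.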
In the next tutorial we will learn how to inject functions into another .NET application…..
Enjoy.
Download
http://www.hackingdefined.com/cracking-net.rar
Info:
http://visualbasic.about.com/gi/dynamic/offsite.htm?site=http://sourceforge.net/projects/sharpdevelop
Wednesday, August 15, 2007
KISS principle
Someone that I truly respect asked me today to explain how I performed something related to a security issue. This person is a great source of knowledge for all that concerns "Application security", and one hell of a smart guy.
While trying to figure out how to explain it, and yet not expose my deepest technical secrets, I remembered one great subject that I was once honored to learn about.
It is called "KISS".
"The term KISS is an acronym of the phrase 'Keep It Simple, Stupid', and the KISS principle states that design simplicity should be a key goal and unnecessary complexity avoided. It serves as a useful and frequent verbal exhortation (or even dedicated policy) in software development, animation, engineering, and in strategic planning (especially military operations). Other versions of the phrase include "Keep It Simple & Stupid" (most recently used in west-European literature), "Keep It Sweet & Simple," "Keep It Short & Simple," "Keep it Simple, Sweetheart," and "Keep it Simple, Sherlock," and the obvious scatalogical variation.
The principle roughly corresponds to Occam's razor, and to Albert Einstein's maxim that "everything should be made as simple as possible, but no simpler."[1]
Leonardo da Vinci, who lived after Ockham’s time, had his own variant of Occam’s Razor, sidestepping the need for sophistication by equating it to simplicity: "Simplicity is the ultimate sophistication"
--------------------------------------------------
Taken from http://en.wikipedia.org/wiki/KISS_principle
Tuesday, August 14, 2007
Friday, August 10, 2007
New pictures from BlackHat & defcon 2007
"Insomnia is a sleep disorder characterized by an inability to sleep and/or inability to remain asleep for a reasonable period. Insomniacs typically complain of being unable to close their eyes or "rest their mind" for more than a few minutes at a time. Both organic and nonorganic insomnia constitute a sleep disorder.[1][2] It can be caused by fear, stress, anxiety, medications, herbs, caffeine, depression, or bipolar disorder and sometimes occurs for no apparent reason. An overactive mind or physical pain may also be causes. Finding the underlying cause of insomnia is usually necessary to cure it. Insomnia can be common after the loss of a loved one, even months or a year after the death, if they are not grieving correctly (pretending they are over it when they are not). It very often occurs when the person has a lack of food or not enough variety of foods (such as eating one food over and over again)." (http://en.wikipedia.org/wiki/Insomnia)
Instead of sleeping ... why not add some pictures to the blog?
See the link below
Thursday, August 9, 2007
On 09-08-07 , WTF
"Actually, i am just testing to see if this system works."
I bet that most new blogs' first statement is identical or similar to the above, but after a while the admin deletes it (betting is a new habit that I have imported lately).
While trying to get over the one week (*) of jet lag I got from my first visit to the US (Vegas.. Yoo hoo), and for some weird and not specifically reasonable reason, I have decided that opening my own blog will cure the problem. (* "Problem" - see above for legal clarifications)