How I Cracked your Windows Password (Part 1) AdvertisementGFI LanGuard your virtual security consultant. Scan your LAN for any vulnerability and automate patch management for Windows, Mac OS & Linux. Get your FREE trial now! How Windows creates and stores password hashes and how those hashes are cracked. If you would like to read the next part in this article series please go to How I Cracked your Windows Password (Part 2). Introduction Passwords tend to be our main and sometimes only line of defense against intruders. The purpose of this article is to educate you on how Windows creates and stores password hashes, and how those hashes are cracked. How Windows Stores Passwords Windows-based computers utilize two methods for the hashing of user passwords, both having drastically different security implications. LM Password Hashes The LM hash of a password is computed using a six-step process: In practice, the password “PassWord123” would be converted as follows: Figure 1: A password transformed into an LM hash NTLM Password Hashes Conclusion
Windows BitLocker Drive Encryption Step-by-Step Guide What is BitLocker Drive Encryption? BitLocker Drive Encryption is an integral new security feature in the Windows Vista operating system that provides considerable protection for the operating system on your computer and data stored on the operating system volume. BitLocker ensures that data stored on a computer running Windows Vista remains encrypted even if the computer is tampered with when the operating system is not running. BitLocker uses a Trusted Platform Module (TPM) to provide enhanced protection for your data and to assure early boot component integrity. BitLocker is designed to offer a seamless user experience. The TPM interacts with BitLocker to help provide seamless protection at system startup. Who should use BitLocker Drive Encryption? This guide is intended for the following audiences: IT planners and analysts who are evaluating the product Security architects In this guide Requirements for BitLocker Drive Encryption These steps are for testing only. Before you start
remote-exploit.org How I Cracked your Windows Password (Part 2) If you would like to read the first part in this article series please go to How I Cracked your Windows Password (Part 1). Introduction In the first part of this series we examined password hashes and the mechanisms Windows utilizes to create and store those values. It is always crucial to note that the techniques shown here are strictly for educational purposes and should not be used against systems for which you do not have authorization for. Obtaining Password Hashes In order to crack passwords you must first obtain the hashes stored within the operating system. There are a few different options here depending on the level of access you have to the machine you are auditing. Physical Access If you have physical access, one of the most effective methods is to boot the computer into a different operating system. If you are not quite comfortable doing this, you can use P. Figure 1: Hex output of the SAM hash Console Access Figure 2: Confirmation the Fgdump Utility Ran Correctly Network Access
John the Ripper password cracker John the Ripper is free and Open Source software, distributed primarily in source code form. If you would rather use a commercial product tailored for your specific operating system, please consider John the Ripper Pro, which is distributed primarily in the form of "native" packages for the target operating systems and in general is meant to be easier to install and use while delivering optimal performance. This version integrates lots of contributed patches adding GPU support (OpenCL and CUDA), support for a hundred of additional hash and cipher types (including popular ones such as NTLM, raw MD5, etc., and even things such as encrypted OpenSSH private keys, ZIP and RAR archives, PDF files, etc.), as well as some optimizations and features. Unfortunately, its overall quality is lower than the official version's. To verify authenticity and integrity of your John the Ripper downloads, please use our PGP public key. There's a wiki section with John the Ripper user community resources.
Top 10 Password Crackers SecTools.Org: Top 125 Network Security Tools For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form . This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner , Ncat network connector , and Nping packet manipulator ). We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. 12 tools Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. version 1.1 on April 24, 2010 (2 years, 5 months ago). crackers wireless UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. version 4.9.43 on Dec. 3, 2011 (10 months ago). sniffers fuzzers
Wordlists & Password Profiling with CRUNCH, WyD, & CUPP Today I am going to show you how to use three (3) different tools in Linux (Backtrack 5) for creating targeted wordlists to help speed up and increase the chance of success for your dictionary attacks. I will be covering the use of CRUNCH for pure wordlist generation, and then I will cover the use of WyD and CUPP which use password profiling techniques to create targeted wordlists to narrow your attacks. I will provide the written walk through here with a video at the end. CRUNCH is a wordlist generator based on the user specified character set. You will need to download and extract using the following methods: COMMAND: tar -zxvf crunch-3.0.1.tgz COMMAND: cd crunch-3.0.1/ COMMAND: make && make install Basic syntax of CRUNCH looks like this (See MAN Pages for details): ./ crunch <min-len><max-len> [-f /path/to/charset.lst charset-name] [-o wordlist.txt] [-t [FIXED]@@@@] [-s startblock] [-c number] Breakdown of Syntax: o min-len = minimum length string to start at (REQUIRED) o -t *^ssw@rd% Thanks,
Understanding /etc/shadow file byVivek GiteonFebruary 23, 2006 last updated November 20, 2015 inBASH Shell, CentOS, Debian / Ubuntu, FreeBSD, HP-UX Unix, Linux, RedHat and Friends, Solaris-Unix, Suse, Ubuntu Linux, UNIX, User Management Can you explain /etc/shadow file format used under Linux or UNIX-like system? The /etc/shadow file stores actual password in encrypted format for user’s account with additional properties related to user password i.e. it stores secure user account information. /etc/shadow file fields (Fig.01: /etc/shadow file fields) Username : It is your login name.Password : It is your encrypted password. The last 6 fields provides password aging and account lockout features. How do I change the password? Use the following syntax to change your own password: $ passwd How do I change the password for other users? You must be root to change the password for all other users: # passwd userNameHere OR $ sudo passwd userNameHere How do I setup password again? The options are as follows: Share this tutorial on:
Create a Shiny Earth with Photoshop 3D Layers In this tutorial I'll show you how to create a shiny planet icon using the 3D features of Photoshop CS4 Extended. This will cover basic information about 3D layers and texture maps. Let's get started! Video Tutorial Our video editor Gavin Steele has created this video tutorial to compliment this text + image tutorial. Step 1 Create a new document which is 1000 pixels wide and 500 pixels high at a resolution of 300 pixels/inch, with a name of "Home." Step 2 We'll be using some texture for our planet. Step 3 Now go to 3D > New Shape From Layer > Sphere. Step 4 The "Earth" layer is now a 3D layer and a cube icon is displayed in the Layers Palette. Step 5 Grab the 3D Rotation Tool, click on the canvas, hold and drag to rotate the sphere and adjust it as you wish. Step 6 The edges of the sphere look aliased at the moment. Step 7 Now click on the Global Ambient Color box and set the color to R:100, G:100, B:100 and hit OK. Step 8 We'll now add a bump map to our planet. Step 9 Step 10 Step 11 Step 12 Step 13
How to Install Aircrack on Mac in 3 Easy Steps Installing Aircrack-ng can be a little confusing if you don't understand the lingo. Let me guide you trough those steps and you'll have Aircrack running natively in no time and almost no effort. Why Use Aircrack? Aircrack-ng is about up to 5 to 10 times faster than KisMAC when it comes to cracking WPA or WEP password. KisMAC has an old Aircrack Engine and, honestly, it needs an update... Aircrack-ng 1.1 churns about 1500 "WPA" keys per Second, or about 360 Passphrase/second when KisMAC is left behind at 160/Sec on a dual core. Aircrack-ng can recover keys for WEP and WPA. Yes, it's 1,576,213 PMK/S. Back to Aircrack: On WEP, the difference is extremely noticeable, especially on low IV's captures. For Airport users, once decrypted, you have to enter the key without semicolons and space. If you are not familiar with the lingo, or wonder what does what, I would suggest reading the FAQ first. Installing Aircrack-ng on OS X You'll need: The Installation
Business Network - Social Network for Business Professionals Biometrics.gov - Introduction to Biometrics The NSTC Subcommittee on Biometrics and Identity Management developed this introductory material in order to better communicate both within the government and with other interested parties. Stating facts and discussing related issues in a consistent, understandable manner, will enable smoother integration of privacy-protective biometric solutions. Federal agencies are working to ensure that their outreach activities are consistent with, and occasionally reference, this suite of documents so that the public, press and Congress are able to easily understand their plans and discuss them productively. The background material here was developed in 2006. Introduction Technologies Cross-Cutting Topics Additional References
Realistic Smoke Effect Photoshop Tutorials Adobe Photoshop, as we all know is rightfully regarded as the Swiss knife of designers all around the world. With Photoshop, you can literally create all kinds of illustrations that you previously only dream about! With this fantastic tool, you can virtually create any effect you want. It’s like an infinite canvas of your dreams. If you have the imagination, sky is the limit. Pin it Smoking is damaging to health they say, indeed, but with Photoshop who needs real smoke? Below the promised showcase of awesome smoke effect Photoshop tutorials. Create Smoke TextMixing type and a smoke image to create a really nice abstract wallpaper. Smoke EffectHow to create smoke effect in 30 seconds. Manipulate Smoke to Create Hyper-Real ImagesLearn to apply the Warp Tool effectively and a few other tricks to make smoke look like a skull. Creating Smoke Like EffectsHow to create subtle smoke-like effect. Smoke Fading EffectSmoking hot girl with smoke fading effect. Photoshop Smoke Tutorial Creating Smoke