Security researcher awarded $30,000 for spotting a privacy bug in Instagram

A security researcher from India has won $30,000 in a bug bounty program after he found a flaw in Facebook-owned photo-sharing app Instagram.

Laxman Muthiyah discovered a vulnerability that allowed him to hack any Instagram account without permission.

He could take over someone's Instagram account by clicking on "Forgot password" or requesting a recovery code for the account.

"I reported the vulnerability to the Facebook security team and they were unable to reproduce it initially due to lack of information in my report. After a few emails and a proof-of-concept video, I could convince them the attack is feasible," Muthiyah wrote in a blog post.

The company’s security teams fixed the issue and rewarded the researcher $30,000 as a part of their bounty program.

However, Paul Ducklin, a senior technologist at cybersecurity major Sophos, said that the vulnerability found by Muthiyah no longer exists, and that users should get back control of their hacked accounts.

"In case any of your accounts do get taken over, familiarise yourself with the process you'd follow to win them back. In particular, if there are documents or usage history that might help your case, get them ready before you get hacked, not afterward," Ducklin said in a statement.

Facebook leaves passwords unencrypted

Facebook said there is no evidence its employees abused access to this data. The company said the passwords were stored on internal company servers, where no outsiders could access them. However, privacy experts suggested that users change their passwords.

The security slip left the passwords readable by the social networking giant's employees.

The issue was first reported by security researcher Brian Krebs, who published a blog post on Thursday detailing that Facebook employees built applications that captured users' passwords and stored them as plain text, meaning a password would be readable exactly as it was entered to log in.

The blunder was uncovered during a routine security review early this year, according to Canahuati.

"To be clear, these passwords were never visible to anyone outside of Facebook and we have found no evidence to date that anyone internally abused or improperly accessed them," vice president of engineering, security, and privacy Pedro Canahuati said.

"As part of a routine security review in January, we found that some user passwords were being stored in a readable format within our internal data storage systems," Pedro Canahuati, vice president of engineering for security and privacy at Facebook, wrote in a blog post. "This caught our attention because our login systems are designed to mask passwords using techniques that make them unreadable."

Most companies hash passwords, storing only a one-way scrambled form, so that they cannot be read if stolen in a data breach or used for nefarious purposes by company employees.

The incident reveals yet another huge and basic oversight at a company that insists it is a responsible guardian for the personal data of its 2.3 billion users worldwide.

By storing passwords in readable plain text, Facebook violated fundamental computer-security practices. Those call for organizations and websites to save passwords in a scrambled form that makes it almost impossible to recover the original text.

Apple refutes claim of iPhone passcode hack

Apple has dismissed claims made by security researcher Matt Hickey who said he had found a way to bypass iPhone security protections to enter passcodes as many times as needed.

Hickey, co-founder of cyber security firm Hacker House, had tweeted a video on Friday showing how this can be done by sending a stream of all possible combinations to the device, which will trigger an interrupt request.

He explained that if all combinations are sent in one go using keyboard inputs while the device is plugged in instead of with pauses in between tries, it will trigger an interrupt request that takes precedence over everything else on the device.

However, Apple has since refuted the claim. A spokesperson said on Saturday, "The recent report about a passcode bypass on iPhone was in error, and a result of incorrect testing."

Retracting his previous position, Hickey tweeted on Sunday that devices are still protected from brute-force attacks as not all passcodes that are being tested are sent.

This was in reference to a previous tweet by Stefan Esser, CEO of security firm Antid0te UG, where he explained that the command to erase iPhone data after 10 tries wasn’t triggered because the various combinations were all “ignored” and counted as a single try.

“The device doesn’t actually try those passcodes until you pause,” Stefan tweeted.

Aside from its initial statement, Apple has not provided any further explanations. The company is planning on including a feature called USB Restricted Mode in its upcoming iOS 12 update that will protect iPhones and iPads from USB-related exploits.

GUI version for John the Ripper(JTR) released ~ Johnny

Developers have built a GUI for John the Ripper (JTR), a fast command-line password cracking tool. The GUI is called 'Johnny' and was proposed by Shinnok.
Johnny is a GUI concept for John the Ripper written in C++ using the Qt framework, which makes it cross-platform across Unix/Linux and Windows operating systems.

Johnny is in development. Development was started as part of Summer of Security 2011 by Aleksey Cherepanov while Shinnok became a mentor for Aleksey.

This GUI version will be very helpful to those who struggle with the command-line tool.


TNS released WPA attack tool "Reaver" that Cracks WPA within 10 Hours

Just a day after security researcher Stefan Viehbock released details of vulnerabilities in the WiFi Protected Setup (WPS) protocol that allow attackers to recover WPA/WPA2 passphrases in a matter of hours, the security firm Tactical Network Solutions published an open-source tool capable of exploiting the vulnerability.

Reaver is a WPS attack tool capable of breaking WPS PINs and recovering the plain-text WPA/WPA2 passphrase of the target access point in approximately 4-10 hours (attack time varies based on the access point).

There are two offerings of the Reaver tool: a free open-source version, which has limited functionality, and a commercial version, which is user-friendly and feature-rich.


John the Ripper version 1.7.9 released, Fast Password Cracking software

John the Ripper is one of the best-known and fastest password cracking programs, developed by Openwall. It currently supports the Unix, Windows, DOS, BeOS, and OpenVMS platforms. An updated version of John the Ripper has now been released.

Most importantly, functionality of the -omp-des* patches has been reimplemented in the main source code tree, improving upon the best properties of the -omp-des-4 and -omp-des-7 patches at once. Thus, there are no longer any -omp-des* patches for 1.7.9.

Changelog for v1.7.9
  • Added optional parallelization of the MD5-based crypt(3) code with OpenMP.
  • Added optional parallelization of the bitslice DES code with OpenMP.
  • Replaced the bitslice DES key setup algorithm with a faster one, which significantly improves performance at LM hashes, as well as at DES-based crypt(3) hashes when there’s just one salt (or very few salts).
  • Optimized the DES S-box x86-64 (16-register SSE2) assembly code.
  • Added support for 10-character DES-based tripcodes (not optimized yet).
  • Added support for the “$2y$” prefix of bcrypt hashes.
  • Added two more hash table sizes (16M and 128M entries) for faster processing of very large numbers of hashes per salt (over 1M).
  • Added two pre-defined external mode variables: “abort” and “status”, which let an external mode request the current cracking session to be aborted or the status line to be displayed, respectively.
  • Made some minor optimizations to external mode function calls and virtual machine implementation of John the Ripper.
  • The “--make-charset” option now uses floating-point rather than 64-bit integer operations, which allows for larger CHARSET_* settings in params.h.
  • Added runtime detection of Intel AVX and AMD XOP instruction set extensions, with optional fallback to an alternate program binary.
  • In OpenMP-enabled builds, added support for fallback to a non-OpenMP build when the requested thread count is 1.
  • Added relbench, a Perl script to compare two “john --test” benchmark runs, such as for different machines, “make” targets, C compilers, optimization options, or/and versions of John the Ripper.
  • Additional public lists of “top N passwords” have been merged into the bundled common passwords list, and some insufficiently common passwords were removed from the list.

THC-Hydra V7.1 Released

A very fast network logon cracker which supports many different services.

Current Version: 7.1 Last update 2011-10-01

* Added HTTP Proxy URL enumeration module
* Added SOCKS4/SOCKS5 proxy support with authentication
* Added IPv6 support for SOCKS5 module
* Added -e r option to try the reversed login as password
* Rewrote -x functionality as the code caused too much trouble (thanks to murder.net7(at) for reporting one of the issues)
* Fixed a bug with multiple hosts (-M) and http modules against targets that are virtual servers. Well spotted by Tyler Krpata!
* Fixed SVN IPv6 support and updated deprecated calls
* Fixed RDP failed child connection returned value and false positive issues reported by Wangchaohui, thanks!
* Fixed restore file functionality, was not working together with -o option
* Fix in http-form module for bug introduced in 7.0
* Fixed xhydra specific parameter value for http-proxy module
* minor enhancements

Hash Code Cracker V 1.2 Released ~PenTesting Tool from BreakTheSecurity

BreakTheSecurity is proud to release Hash Code Cracker version 1.2. Our latest release supports an online cracking function.

This password cracker is developed for pentesters and ethical hackers. Please use this software for legal purposes (testing password strength).

  • This software cracks MD5, SHA1, and NTLM (Windows password) hash codes.
  • No need to install.
  • Supports all platforms (Windows XP/7, Linux, ...).

V1.2 Changelog:
  • Included Online cracking Support

Minimum Requirements:
  • Java Runtime Environment: JRE 1.6 should be installed.(you can get it from

How to Run the Application?
Download the .zip file.
Extract the zip file.
Open the Terminal or command prompt.
Navigate to the path of the extracted zip file (the HashCodeCracker folder) in Terminal/CMD.
Type this command "java -jar HashCodeCracker.jar".
Now the application will run.


John the Ripper 1.7.8-jumbo-7 Released ~ Password Cracking Tools

Earlier today, John the Ripper 1.7.8-jumbo-7 was released.

Change log:
* Support for encrypted pkzip archives has been added, testing millions
of candidate passwords per second. (JimF)
(This is in addition to WinZip/AES archives, support for which was added
in prior -jumbo updates.)
* Support for Mac OS X 10.7 Lion salted SHA-512 hashes has been added
(enabled when building against OpenSSL 0.9.8+ only), with optional OpenMP
parallelization. (Solar)
* Optional OpenMP parallelization has been added for salted SHA-1 hashes
used by Mac OS X 10.4 to 10.6. (Solar)
* PoC support for DES-based 10-character tripcodes has been added (does
not use the bitslice DES implementation yet, hence is slow). (Solar)
* The DIGEST-MD5 authentication cracker has been revised to be usable
without requiring source code customizations. (magnum)
* Highly experimental support for dynamically loaded plugins (adding new
formats) has been added (currently only enabled on Linux). (David Jones)
* Added the ability for the john.conf file to ".include" other .conf
files and/or individual sections (e.g., a wordlist rules section may
include more rules from elsewhere). (JimF)
* John now makes an attempt to suppress duplicate rules (handy along
with the ".include" feature). (JimF)
* More character encodings are now supported. The full list is: raw,
utf-8, iso-8859-1, iso-8859-7, iso-8859-15, koi8-r, cp437, cp737, cp850,
cp858, cp866, cp1251, cp1252, cp1253.
* Full encoding support for "single crack" mode, rules, and character
classes has been implemented. (JimF/magnum)
* Full encoding support for all formats, including md5_gen. (JimF/magnum)
* Some new character classes have been added. (JimF/magnum)
* Support for user-defined character classes has been added, along with
some samples in the default john.conf. (magnum)
* New rule reject flag "->N" (reject unless length N is supported by the
current hash/cipher type). (magnum)
* New Boolean options in john.conf: LogCrackedPasswords, AlwaysReportUTF8,
UnicodeStoreUTF8, CPstoreUTF8. (magnum)
* raw-md5-unicode has been replaced with faster 'thin' raw-md5u. (magnum)
* The generic crypt(3) module now recognizes some "subformats"
(md5/sha256/sha512), solely for benchmarking. (magnum)
* Wordlist mode is now much faster when using memory buffer and running
against a fast hash/cipher type. (JimF/magnum)
* Unicode DumbForce-like external mode samples have been added (Dumb16
and Dumb32). (magnum)
* Numerous bug, performance, and portability fixes (JimF/magnum/Solar)