Our previous post regarding Cain & Abel can be found here. Now, oxid.it has released an updated version 4.9.36!
“Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.”
This is the official change log:
Added MP3 audio file generation in VoIP sniffer.
Fixed Abel DLL crashes on 64-bit operating systems.
Modified Export function to Users, Groups, Services and Shares lists with TAB separators.
Fixed a bug in Wireless Password Decoder concerning Microsoft Virtual WiFi Miniport Adapter.
Fixed a bug in NTLMv2 Cracker within the “Test Password” function.
Removed “WindowsFirewallInitialize failed” startup error message if Windows Firewall service is stopped.
“Kon-Boot is an prototype piece of software which allows to change contents of a linux kernel and Windows kernel on the fly while booting. In the current compilation state it allows to log into a linux system as ‘root’ user without typing the correct password or to elevate privileges from current user to root. For Windows systems it allows to enter any password protected profile without any knowledge of the password. It was acctually started as silly project of mine, which was born from my never-ending memory problems. Entire Kon-Boot was written in pure x86 assembly, using old grandpa-geezer TASM 4.0.
Now it provides support for Microsoft Windows systems and also the Linux systems listed in the next sections. Kon-Boot for Windows enables logging in to any password protected machine profile without without any knowledge of the password. This tool changes the contents of Windows kernel while booting, everything is done virtually – without any interferences with physical system changes. So far following systems were tested to work correctly with Kon-Boot”
Tested Windows versions: Windows Server 2008 Standard SP2 (v.275) Windows Vista Business SP0 Windows Vista Ultimate SP1 Windows Vista Ultimate SP0 Windows Server 2003 Enterprise Windows XP Windows XP SP1 Windows XP SP2 Windows XP SP3 Windows 7
PasswordsPro designated for the recovery of passwords for different types of hashes. The program currently supports about 30 types of hashes, and new ones can be easily added by creating a custom external hashing DLL-module. The peak number of hashes the application is capable of working with simultaneously is 256.
A long List of supported hashes by PasswordsPro:
– MySQL
– Tiger-192
– MySQL5
– RipeMD-128
– DES(Unix)
– RipeMD-160
– MD2
– MaNGOS
– MD4
– Whirlpool
– MD4(HMAC)
– RAdmin v2.x
– MD4(Base64)
– Lineage II C4
– MD5
– Domain Cached Credentials
– MD5(APR)
– md5(md5($pass))
– MD5(Unix)
– md5($pass.$salt)
– MD5(HMAC)
– md5($salt.$pass)
– MD5(Base64)
– md5(sha1($pass))
– MD5(phpBB3)
– md5($hex_salt.$pass)
– MD5(WordPress)
– md5(md5(md5($pass)))
– MD5_HMAC($salt,MD5_HMAC($salt,$pass))
– md5(md5($pass).$salt)
– SHA-1
– md5(md5($salt).$pass)
– SHA-1(HMAC)
– md5($salt.md5($pass))
– SHA-1(Base64)
– md5($salt.$pass.$salt)
– SHA-1(Django)
– md5(md5($salt).md5($pass))
– SHA-256
– md5(md5($pass).md5($salt))
– SHA-256(Unix)
– md5(md5($pass).$const_salt)
– SHA-256(Django)
– md5($salt.md5($salt.$pass))
– SHA-256(md5($pass))
– md5($salt.md5($pass.$salt))
– SHA-256(PasswordSafe)
– md5($salt.md5($pass).$salt)
– SHA-384
– md5(sha1(md5(sha1($pass))))
– SHA-384(Django)
– md5($hex_salt.$pass.$hex_salt)
– SHA-512
– md5($username.md5($pass).$salt)
– SHA-512(Unix)
– md5(md5($username.$pass).$salt)
– Haval-128
– sha1(md5($pass))
– Haval-160
– sha1($salt.$pass)
– Haval-192
– sha1($pass.$salt)
– Haval-224
– sha1($username.$pass)
– Haval-256
– sha1($salt.sha1($pass))
– Tiger-128
– sha1($username.$pass.$salt)
– Tiger-160
– sha1($salt.sha1($salt.sha1($pass)))
Much more…
Features of PasswordsPro
Passwords recovery using the following methods: -Preliminary attack -Brute force attack (including distributed attack) -Mask attack -Simple dictionary attack -Combined dictionary attack -Hybrid dictionary attack -Rainbow attack – Recovery of passwords of up to 127-character length – Recovery of passwords for incomplete hashes of any type – User hash editor – Searching data on the list of imported users – Quick-add hash using a dialog box – Quick-add hashes from Clipboard – Quick-check current password for all imported users – Support of character replacement tables for hybrid dictionary attack – Unlimited number of dictionaries available for dictionary attack – Unlimited number of tables available for Rainbow attack
Import and export from PasswordsPro format files (*.Hashes-files). for further analysis or evidence Import from text files with hashes given in the following format supports- Login:Hash:Salt(or HMAC-key):Password:Comment test files with all types of supported hashes given in this format. - Using dialog box. - From Clipboard. Which makes passwordpro much easier and faster to recover passwords. This tool can be used to audit for week password in organisations simply collect hases form AD or DC and analysis it for 1 hour week passwords will be displayed rest by looking we can conclude which are week and which are strong.
Video tutorial of PasswordsPro
Opertaiing system supported
Windows XP2 and above (we have tested it on 32 bit )
“Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.”
