Security Basics mailing list archives
RE: How many password cracking programs are there?
From: "Roger A. Grimes" <roger () banneretcs com>
Date: Mon, 24 Jul 2006 13:08:35 -0400
Last time I surveyed and tested each, I came up with 22 programs that could or claim to do Windows logon password hacking. There are many categories: crackers, guessors, and resetters. Crackers grab obscured data (i.e. password hashes, sniffs of network challenge-response traffic, etc.) and attempt to convert to plaintext. Guessors automate a remote logon process and put in the logon name and potential password right into the GUI. Resetters (the most popular type), just blank out or remove the previous password. The vast majority of Windows password hacking tools are resetters (which have their use). Best guessor in my opinion...Hydra (www.thc.org), with BrutusA2 as a close second because of it's pretty GUI. Best crackers in my opinion are: LophtCrack is discontinued, but it was very fast with Windows password hashes. There are some clones. Cain (www.oxid.it) can crack and sniff all types of passwords. If you're in computer security and you haven't tried this one, you need to. Slow compared to the other two, but the prettiest, and most comprehensive. John the Ripper is the fastest (next fastest on Windows hashes next to Lophtcrack), but can do more than Windows password hashes. Not pretty, but works on many platforms, and I know for sure that a popular company will release a pretty GUI for it soon. -----Original Message----- From: winshel () camden rutgers edu [mailto:winshel () camden rutgers edu] Sent: Saturday, July 22, 2006 11:45 AM To: security-basics () securityfocus com Subject: How many password cracking programs are there? This may seem like a silly question but, in many discussions of how windows password cracking programs work, it seems that the same small number of password cracking programs are mentioned (e.g., John the Ripper,L0phtCrack,). In order to understand how to protect a windows computer from password cracking software, it would seem necessary to understand how the current password cracking programs work. But, aren't there lots and lots and lots of password cracking programs? There's tens of thousands of virus programs - is there not a large number of password cracking programs? Thanks. ------------------------------------------------------------------------ --- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- How many password cracking programs are there? winshel (Jul 24)
- RE: How many password cracking programs are there? Roger A. Grimes (Jul 24)
- Re: How many password cracking programs are there? Hollis via Rubicon Recluse (Jul 24)
- Re: How many password cracking programs are there? Harold Winshel (Jul 24)
- Re: How many password cracking programs are there? Saqib Ali (Jul 24)
- Message not available
- Re: How many password cracking programs are there? Harold Winshel (Jul 24)
- Message not available
- <Possible follow-ups>
- RE: How many password cracking programs are there? Andrew Williams (Jul 25)