from.hell

Just a list of online (mostly) md5 crackers but some with do others

This post over on pcsec got me thinking about them.

http://www.pcsec.org/archives/MD5Seacrh-v18-by-mass.html

Of course not all those are working, least not for me.

So here is that list with links and a few others thanks to my twitter homies

passcracking.ru http://passcracking.ru/
md5crack http://md5crack.com/
md5decryption: http://md5decryption.com/
TheKaine.de: http://md5.thekaine.de/
AuthSecu: http://authsecu.com/decrypter-dechiffrer-cracker-hash-md5/decrypter-dechiffrer-cracker-hash-md5.php

hackcrack: http://hashcrack.com/index.php
insidepro: http://hash.insidepro.com/
md5decrypter: http://md5decrypter.com/
md5pass.info: http://md5pass.info/

Bonus points for two of the sites from the screen shot just giving you a parallels plesk login.

Sites specifically mentioned to me in no particular order

Plain-Text.info http://plain-text.info/add/ (also has IRC support)

Hashkiller: http://hashkiller.com/password/
Cryptohaze: http://www.cryptohaze.com/addhashes.php
md5rednoize: http://md5.rednoize.com/
milw0rm: http://milw0rm.com/cracker/insert.php
GData: http://gdataonline.com/seekhash.php
c0llision: http://www.c0llision.net/webcrack.php (also has IRC support)

ISC: http://isc.sans.org/tools/reversehash.html

PassCracking http://passcracking.com/

Lastly, for fun, a metasploit module that submits the hash to md5crack.com and displays the password if its found.

msf auxiliary(md5check_md5crack) > run

[*] Sending 098f6bcd4621d373cade4e832627b4f6 hash to md5crack.com…
[*] plaintext md5 is: test
[*] Auxiliary module execution completed

I started to do more than just md5crack but writing regex’s for different sites just seemed like a waste of time.

http://carnal0wnage.attackresearch.com/sites/default/files/md5check_md5c… (rename to .rb)

repost from: http://carnal0wnage.attackresearch.com/node/402

Tools:
System Rescue CD
Avira rescue CD
NTFS Undelete tool/cd

using sysrescuecd

http://man.linux-ntfs.org/ntfsundelete.8.html


ntfsundelete /dev/hda1 -s -m '*.doc' -d /mnt/usb


Httpry – HTTP Traffic sniffer

Httpry, is a sniffer specializing in sniffing http traffic. Httpry is used to log and display http traffic by capturing, parsing and logging the traffic for further analysis.

http://www.lifedork.net/httpry-http-traffic-sniffer.html
http://dumpsterventures.com/jason/httpry/httpry-0.1.5.tar.gz

Firefox Addons own ya – Keylogger POC

My small POC consists of a keylogger written in javascript and embedded into Firefox browser in form of extension. This code can be injected into any known/famous addon without even noticing it since it creates no warnings at Antiviruses (it’s just legal javascript) and no warning from Firewalls since the logs of the keystrokes are sent through Firefox on port 80 to a malicious server.

http://blogs.hackerscenter.com/2008/04/firefox-addons-threat.html
http://www.hackerscenter.com/public/Firefox_poc/poc_keylogger.zip

RHEL diagnostic tool configuration and recommendations

• Kdump/Netdump
• Sysstat
• Hangwatch
• Ksar

http://kbase.redhat.com/faq/docs/DOC-18285

An article from nessus team about attacks and securing php +ref
Configuration Auditing php.ini To Help Prevent Web Application Attacks

—

Joomla! auditing tool? yeah
OWASP Joomla Vulnerability Scanner Project

The following features are currently available.

* Exact version Probing (the scanner can tell whether a target is running version 1.5.12)
* Common Joomla! based web application firewall detection
* Searching known vulnerabilities of Joomla! and its components
* Reporting to Text & HTML output
* Immediate update capability via scanner or svn

sqlsus is an open source MySQL injection and takeover tool, written in perl.

Via a command line interface that mimics a mysql console, you can retrieve the database structure, inject a SQL query, download files from the web server, upload and control a backdoor, and much more…

It is designed to maximize the amount of data gathered per web server hit, making the best use (I can think of) of MySQL functions to optimize the available injection space.

sqlsus is focused on PHP/MySQL installations, and integrates some neat features, some of them being really specific to this DBMS.

I have lots of ideas for sqlsus improvements, all I need is time, and feedback

It is not and won’t ever be a SQL injection scanner, it starts its job on the next step.

http://sqlsus.sourceforge.net/index.html