 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| |
|
|
|
|
|
|
User Info |
|
|
|
milw0rm |
|
| Currently there is a problem with headlines from this site |
|
|
|
|
|
PacketStorm News |
|
|
|
Security Basics |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
|
|
 Posted: Tue May 12, 2009 1:27 am |
 |
|
| InsidePro |
| Regular user |
 |
| |
| Joined: Sep 13, 2008 |
| Posts: 19 |
|
|
|
 |
|
 |
|
Extreme GPU Bruteforcer has been updated to version 1.5.
In the new version:
- Added mask attack. To enable it, in the INI file create (or uncomment) the "Mask" parameter that contains a mask; for example: pass?d?d?d?d?d?d, ?u?u?u?l?l?l2009, etc. The application supports up to 15 custom character sets (in the INI file parameters "CustomCharacterSet1"..."CustomCharacterSetF"), where you can define custom character sets or combinations of standard character sets - for example, "CustomCharacterSet1=?l?u?d", "CustomCharacterSet9=abcdefABCDEF?d", which are engaged in the "Mask" parameter as ?1 and ?9 respectively (Note: Mask in EGB is formed practically the same way as in PasswordsPro). The speed of mask attack for all modules is the same as the speed of brute force attack!
- Added new module, "MD5_Unicode.exe", for recovering Unicode passwords to MD5 hashes. Its average operation speed on GF8800GS is 240М p/s.
- Added new parameter to INI file - AttackTime, which allows limiting attack time (in minutes) and thus improves the flexibility of the application when it is launched from a BAT-file with different INI files (for example, with different character sets for the attack).
- Up to 512 - increased the maximum value of the StreamProcessors parameter.
Download the new version: http://www.insidepro.com/download/egb.zip |
|
|
|
|
|
|
|
|
| Posted: Wed Jun 10, 2009 6:37 pm |
|
|
| InsidePro |
| Regular user |
|
| |
| Joined: Sep 13, 2008 |
| Posts: 19 |
|
|
|
|
|
|
|
Extreme GPU Bruteforcer has been updated to version 1.5.1.
In the new version:
- Added auto-saving current password in INI file during attack every 5 minutes.
- All application modules recompiled to the latest edition of CUDA - v2.2.
- Added new module - md5($username.0.$pass). Search speed per hash on GF8800GS is 155M p/s.
- Increased maximum password length in the modules MD5.exe (to 55 characters) and MD5_Unicode.exe (to 27 characters). |
|
|
|
|
| Posted: Sat Dec 12, 2009 3:16 pm |
|
|
| InsidePro |
| Regular user |
|
| |
| Joined: Sep 13, 2008 |
| Posts: 19 |
|
|
|
|
|
|
|
Extreme GPU Bruteforcer has been updated to version 1.6.
In the new version:
- Added support for MultiGPU, i.e. simultaneous use of all GPU cores for attack (maximum number of GPU - 16).
- Added new hashing module: LM.exe.
- Maximum number of salted hashes per attack increased to 512, etc.
More >> |
|
|
|
|
| Posted: Sun Feb 07, 2010 6:11 pm |
|
|
| InsidePro |
| Regular user |
|
| |
| Joined: Sep 13, 2008 |
| Posts: 19 |
|
|
|
|
|
|
|
Extreme GPU Bruteforcer has been updated to version 1.6.1.
In the new version:
- Added new module MD5(Unix).exe.
The attack speed per hash in this module makes (on GeForce 8800GS) about 85k p/s.
- Added displaying information on the duration of attack.
- Added new parameters to INI files.
More >> |
|
|
|
|
| Posted: Tue Feb 16, 2010 10:33 am |
|
|
| dhukkaman |
| Beginner |
|
| |
| Joined: Feb 15, 2010 |
| Posts: 3 |
|
|
|
|
|
|
|
Sorry to be a total noob but how do I get the hashes I want to crack to be run with the program? I have been searching for ages to find how this is done but haven't got anywhere.
Please could you explain it simply for us learners out here. |
|
|
|
|
|
|
|
|
| Posted: Tue Feb 16, 2010 2:55 pm |
|
|
| waraxe |
| Site admin |
 |
| |
| Joined: May 11, 2004 |
| Posts: 2341 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| dhukkaman wrote: | Sorry to be a total noob but how do I get the hashes I want to crack to be run with the program? I have been searching for ages to find how this is done but haven't got anywhere.
Please could you explain it simply for us learners out here. |
Those hashes are usually stored in sql database and of course they are protected from malicious persons. But there are scenarios as:
1. sql injection vulnerabilities - attacker can manipulate database so that hash retrieval is possible (lazy software developers and website admins)
2. phpmyadmin interface can unprotected and accessible from web (lazy admins)
3. sql database backup file can be accessible from web (lazy admins ...)
4. LFI/RFI/Remote File Disclosure and other vulnerabilities can finally lead to the hash retrieval from database
5. open TCP port 3306 with weakly configured mysql daemon and weak username/password (such as root user with empty password)
6. googledork:
http://www.google.ee/#hl=et&q=filetype%3Asql+phpmyadmin+dump+members+converge&lr=&aq=&oq=&fp=9a016538702b090f
More good information:
http://www.hackersforcharity.org/ghdb/ |
|
|
|
|
|
|
|
|
| Posted: Tue Feb 16, 2010 6:37 pm |
|
|
| dhukkaman |
| Beginner |
|
| |
| Joined: Feb 15, 2010 |
| Posts: 3 |
|
|
|
|
|
|
|
| waraxe wrote: | | dhukkaman wrote: | Sorry to be a total noob but how do I get the hashes I want to crack to be run with the program? I have been searching for ages to find how this is done but haven't got anywhere.
Please could you explain it simply for us learners out here. |
Those hashes are usually stored in sql database and of course they are protected from malicious persons. But there are scenarios as:
1. sql injection vulnerabilities - attacker can manipulate database so that hash retrieval is possible (lazy software developers and website admins)
2. phpmyadmin interface can unprotected and accessible from web (lazy admins)
3. sql database backup file can be accessible from web (lazy admins ...)
4. LFI/RFI/Remote File Disclosure and other vulnerabilities can finally lead to the hash retrieval from database
5. open TCP port 3306 with weakly configured mysql daemon and weak username/password (such as root user with empty password)
6. googledork:
http://www.google.ee/#hl=et&q=filetype%3Asql+phpmyadmin+dump+members+converge&lr=&aq=&oq=&fp=9a016538702b090f
More good information:
http://www.hackersforcharity.org/ghdb/ |
Thank you for the reply and the information.
Yes, the hashes are from my mysql database but my question was rather what do I do with them with extreme gpu bruteforcer? |
|
|
|
|
|
www.waraxe.us Forum Index -> Hash related information
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 2 of 2
Goto page Previous 1, 2
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
Membership:
Latest: 
New Today: 4
New Yesterday: 3
Overall: 6561
People Online:
Visitors: 112
Members: 6
Total: 118
Online Now:
