
Tuesday, January 7, 2014

[THC-Hydra v7.6] Fast Parallel Network Logon Cracker


Hydra is a parallelized network logon cracker that supports numerous protocols to attack. New modules are easy to add, and the tool is flexible and very fast.

Features
  • IPv6 Support
  • Graphic User Interface
  • Internationalized support (RFC 4013)
  • HTTP proxy support
  • SOCKS proxy support
The tool supports the following protocols:
Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more.

Release 7.6
* Added a wizard script for hydra based on a script by Shivang Desai <shivang.ice.2010@gmail.com>
* Added module for Siemens S7-300 (submitted by Alexander Timorin and Sergey Gordeychik, thanks!)
* HTTP HEAD/GET: MD5 digest auth was not working, fixed (thanks to Paul Kenyon)
* SMTP Enum: HELO is now always sent, better 500 error detection
* hydra main:
- fixed a bug in the IPv6 address parsing when a port was supplied
- added info message for pop3, imap and smtp protocol usage
* hydra GTK: missed some services, added
* dpl4hydra.sh:
- added Siemens S7-300 common passwords to default password list
- more broad searching in the list
* Performed code indention on all C files :-)
* Makefile patch to ensure .../etc directory is there (thanks to vonnyfly)

[Router Password Kracker] Router Password Recovery Software


Router Password Kracker is free software to recover the lost password of your router. It can also be used to recover passwords from your Internet modem or from websites that are protected by HTTP BASIC authentication.

Routers and modems generally control access using the HTTP BASIC authentication mechanism. In simple words, when you connect to your modem/router from the browser (typically http://192.168.1.1), you are asked to enter a username and password. If you ever forget this password, you will not be able to access your router/modem configuration. Some websites also use BASIC authentication to allow only certain users to access their site.

In these cases 'Router Password Kracker' can help you quickly recover your lost password. Penetration testers and forensic investigators can also find this tool very useful for cracking router/modem/website passwords.

Thursday, January 2, 2014

[DirBuster] Brute Force Directories and Files Names on Web/Application Servers


DirBuster is a multi-threaded Java application designed to brute force directory and file names on web/application servers. It is now often the case that what looks like a web server in a state of default installation is actually not, and has pages and applications hidden within. DirBuster attempts to find these.

However, tools of this nature are often only as good as the directory and file list they come with. A different approach was taken to generating this list: it was built from scratch by crawling the Internet and collecting the directories and files that are actually used by developers! DirBuster comes with a total of 9 different lists (further information can be found below), which makes DirBuster extremely effective at finding those hidden files and directories. And if that was not enough, DirBuster also has the option to perform a pure brute force, which leaves the hidden directories and files nowhere to hide! If you have the time ;)


Tuesday, December 31, 2013

[Hashcat v0.47] The world’s fastest CPU-based password recovery tool


Hashcat is the world’s fastest CPU-based password recovery tool.

While it’s not as fast as its GPU counterparts oclHashcat-plus and oclHashcat-lite, large lists can be easily split in half with a good dictionary and a bit of knowledge of the command switches.

Changelog v0.47
  • added -m 123 = EPi
  • added -m 1430 = sha256(unicode($pass).$salt)
  • added -m 1440 = sha256($salt.unicode($pass))
  • added -m 1441 = EPiServer 6.x >= v4
  • added -m 1711 = SSHA-512(Base64), LDAP {SSHA512}
  • added -m 1730 = sha512(unicode($pass).$salt)
  • added -m 1740 = sha512($salt.unicode($pass))
  • added -m 7400 = SHA-256(Unix)
  • added -m 7600 = Redmine SHA1
  • debug mode can now be used also together with -g, generate rule
  • support added for using external salts together with mode 160 = HMAC-SHA1 (key = $salt)
  • allow empty salt/key for HMAC algos
  • allow variable rounds for hash modes 500, 1600, 1800, 3300, 7400 using rounds= specifier
  • added --generate-rules-seed, sets seed used for randomization so rulesets can be reproduced
  • added output-format type 8 (position:hash:plain)
  • updated/added some hcchr charset files in /charsets, some new files: Bulgarian, Polish, Hungarian
  • format output when using --show according to the --outfile-format option
  • show mask length in status screen
  • --disable-potfile in combination with --show or --left resulted in a crash, combination was disallowed
Features
  • Multi-Threaded
  • Free
  • Multi-Hash (up to 24 million hashes)
  • Multi-OS (Linux, Windows and OSX native binaries)
  • Multi-Algo (MD4, MD5, SHA1, DCC, NTLM, MySQL, …)
  • SSE2, AVX and XOP accelerated
  • All Attack-Modes except Brute-Force and Permutation can be extended by rules
  • Very fast Rule-engine
  • Rules compatible with JTR and PasswordsPro
  • Possible to resume or limit session
  • Automatically recognizes recovered hashes from outfile at startup
  • Can automatically generate random rules
  • Load saltlist from external file and then use them in a Brute-Force Attack variant
  • Able to work in a distributed environment
  • Specify multiple wordlists or multiple directories of wordlists
  • Number of threads can be configured
  • Threads run on lowest priority
  • Supports hex-charset
  • Supports hex-salt
  • 90+ Algorithms implemented with performance in mind
  • …and much more

Friday, December 20, 2013

[BTCrack v1.1] The worlds first Bluetooth Pass phrase (PIN) Bruteforce Tool



BTCrack is the world's first Bluetooth pass phrase (PIN) bruteforce tool. BTCrack will bruteforce the Passkey and the Link key from captured pairing exchanges.

BTCrack was demoed and released at Hack.lu 2007 and 23C3 in Berlin; the video of the presentation is available on Google Video.
To capture the pairing data it is necessary to have a professional Bluetooth analyzer: FTE (BPA 100, BPA 105, others), Merlin, or a CSR-based consumer USB dongle flashed with special firmware.



Speed comparison:
  • P4 2Ghz - Dual Core: 200.000 keys/sec
  • FPGA E12 @ 50Mhz: 7.600.000 keys/sec
  • FPGA E12 @ 75Mhz: 10.000.000 keys/sec
  • FPGA E14: 30.000.000 keys/sec

Changes:
  • 1.0 First release
  • 1.1 Intermediate Release
    • E12 + E14 FPGA Support (http://www.picocomputing.com)
    • Splash Screen
    • Process Priority
    • Speed increase (+15%)


Monday, December 16, 2013

[THC-Hydra 7.5] Fast Parallel Network Logon Cracker


Hydra is a parallelized network logon cracker that supports numerous protocols to attack. New modules are easy to add, and the tool is flexible and very fast.

Features
  • IPv6 Support
  • Graphic User Interface
  • Internationalized support (RFC 4013)
  • HTTP proxy support
  • SOCKS proxy support
The tool supports the following protocols:

Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.


Changelog for 7.5
  • Added module for Asterisk Call Manager
  • Added support for Android where some functions are not available
  • hydra main:
    • reduced the screen output if run without -h, full screen with -h
    • fix for ipv6 and port parsing with service://[ipv6address]:port/OPTIONS
    • fixed -o output (thanks to www417)
    • warning if HYDRA_PROXY is defined but the module does not use it
    • fixed an issue with large input files and long entries
  • hydra library:
    • SSL connections are now fixed to SSLv3 as some SSL servers fail otherwise, report if this gives you problems
    • removed support for old OPENSSL libraries
  • HTTP Form module:
    • login and password values are now encoded if special characters are present
    • ^USER^ and ^PASS^ are now also supported in H= header values
    • if you use the colon as a value in your option string, you can now escape it with \: (but do not encode a \ with \\)
  • Mysql module: protocol 10 is now supported
  • SMTP, POP3, IMAP modules: TLS is now disabled by default. If required, TLS must now be defined as an option "TLS". This increases performance.
  • Cisco module: fixed a small bug (thanks to Vitaly McLain)
  • Postgres module: libraries on Cygwin are buggy at the moment, module is therefore disabled on Cygwin