The program is designated to recover passwords for following types of hashes: * MySQL * MySQL5 * DES (Unix) * MD4 * MD4 (Base64) * MD4 (HMAC) * MD5 * MD5 (Base64) * MD5 (HMAC) * MD5 (Unix) * MD5 (APR) * SHA-1 * SHA-1 (Base64) * SHA-1 (HMAC) * Domain Cached Credentials As well as for hashes used by various PHP-programs: * md5(md5($pass)) * md5(md5($pass).$salt) * md5(md5($salt).md5($pass)) * sha1($username.$pass The program includes the following tools: * Hash generator - designated to generate any hash of types, supported by the program. * Password generator - designated to generate random passwords with parameters specified. * Text convertor - allows to convert text from Base64 format to plain text and vice versa. * Hidden passwords recovery - designated to recover text hidden by asterisks. * System information - displays various system information. Program features * Passwords recovery using following methods: - Preliminary attack; - Brute-force attack (including distributed attack); - Mask attack; - Simple dictionary attack; - Combined dictionary attack; - Hybrid dictionary attack; - Pre-calculated Rainbow-tables attack; * Recovery of passwords up to 128 symbol length; * Recovery of passwords for incomplete hashes of any type; * User's hashes editor; * Search of data in the list of imported users; * Quick add of the hash using dialog box; * Quick check of the current password for all imported users; * Use of symbol replace tables for the simple dictionary attack; * Unlimited number of dictionaries used for dictionary attack; * Unlimited number of tables used for pre-calculated Rainbow-tables attack; * Unlimited number of users with hashes (in the licensed version); Types of attack Preliminary attack: This type of attack is quick check of users' hashes to match simple passwords like - "123", "qwerty", "99999", etc. as well as for earlier found passwords stored by the program in the "PasswordsPro.dic" file. Brute-force attack: This type of attack is total check of all password variants. Brute-force attack also includes distributed attack. This type of attack allows using several computers for passwords recovery distributing passwords to process. This type of attack is enabled automatically when the user sets more than one computer to participate in attack. Then ability to set password range to recover for current computer. So to start distributed attack you shall: Run program on several computers. Choose required number of computers for attack. Set the same attack settings for all the computers. Choose for every computer own password range to recover. Run brute-force attack on every computer. Mask attack: This type of attack is used if any information about the password is provided, i.e. if anything is known about the password. For example: - Passwords begin with "12345" symbol combination; - First 4 symbols of the password are numbers, others are Latin letters; - etc. For that define mask for every symbol of the password to recover in the mask attack settings. Keys of standard or user symbol sets are used as mask symbols - ?u, ?d, ?2, etc. Simple dictionary attack: This type of attack is check of hashes for match from text files - dictionaries. Attack settings also allow to use symbol replace tables what lets to substitute one symbol in the password to another. Combined dictionary attack: This type of attack includes check of the passwords made of several words taken from different dictionaries. This attack allows to recover complex passwords like "superadmin", "admin1980", "admin*admin", etc. Hybrid dictionary attack: This type of attack allows to change passwords from the dictionaries (for example, shift password to upper case, add symbol "1" to the end of the password, etc.) and to check them as users passwords. Actions performed at source passwords are so called "rules" - full list of these rules can be found in "Rules.txt" file in the program archive. Pre-calculated tables attack: This type of attack uses Rainbow-technology Link: Dieser Link ist nur für Mitglieder!!! Jetzt kostenlos Registrieren ?