R there any real life hackers reading this

Anything and Everything about Uplink


ProdigyNIC
level0
Posts: 6
Joined: Mon Dec 02, 2002 5:54 pm
Location: US of A

Postby ProdigyNIC » Mon Dec 30, 2002 3:50 pm

Oh, and by the way, if anyone wants some software regarding IPs or viruses, visit Astalavista Security Group (http://www.astalavista.com)
ProdigyNIC
suaciide
level0
Posts: 4
Joined: Mon Dec 23, 2002 4:59 am

Postby suaciide » Mon Dec 30, 2002 5:21 pm

Quote: from bgreene2001 on 5:41 am on Dec. 30, 2002
I like playing with fire too. But what does that have to do with hacking?


uh yeh.  <sarcasm> and i meant playing with fire literally </sarcasm>

the whole .box.sk network is really good.. neworder.box.sk is probably one of the best, imo..
i remember when it was just astalavista.box.sk and thrax.box.sk. heheh.
- suäciide|ediicäus -
Jackmn
level5
Posts: 1378
Joined: Thu Feb 07, 2002 5:21 pm

Postby Jackmn » Mon Dec 30, 2002 6:54 pm

Quote: from NeoThermic on 11:22 am on Dec. 30, 2002
Actually Einstein, you're half right and half wrong.
When it comes to cracking 9x passwords, you don't have to, there is a way round them. Cracking NT, 2K and XP passwords takes time, as you do have to crack up to 7 of the possible 14 letters in the combination (it's a security thing that the first 7 letters' encryption is encrypted the same as the last 7 (if there are more than 7 letters)).
BUT, hacking open shares across the internet is actually done one letter at a time. Yes, like Uplink, the server does respond to each letter sent, so if the password was hi, the server says no to abcdefg, but yes to h, then you move on to the next letter and try. After the server says yes to that letter, you try the next letter. Since this example is only 2 letters long, the third letter starts off with no, telling you that you have the password.

Of course the server doesn't exactly reply NO and YES, it replies by error code. Also, you must remember that in real hacking, you have different OSes and they require different techniques to exploit them.

Yes, I admit, I am a real hacker, but I'm just that, a hacker, not a cracker, I don't do damage, leave traces of my actions, and I don't take anything, even if it was a list of credit card numbers or whatnot.

Oh, and as a side note, deleting logs on an NT based system [that includes 2K and XP] is slightly similar, you have to know what times you did what, then delete the lines out of the log manually, but if someone suspects something, this technique is easy to find (so in theory, it's like log deleter version 1).

And as another side note, you can't hack a bank like you can in Uplink, unfortunately bypassers don't exist :|


Erm, any well written piece of software will only respond to an entire password.

Anybody that writes password protected networking software that can be broken into one letter at a time, deserves to have their software broken into.

And anybody trusting windows security...
Bleh.
einstein
level5
Posts: 1463
Joined: Mon Mar 04, 2002 5:23 pm
Location: Scotland

Postby einstein » Mon Dec 30, 2002 8:20 pm

yes, Jackmn that's what i thought - if i wrote server software/OSs i sure as hell wouldn't respond until the entire password was submitted - Neo are you sure that the server responds on each keypress?
Jackmn
level5
Posts: 1378
Joined: Thu Feb 07, 2002 5:21 pm

Postby Jackmn » Mon Dec 30, 2002 8:24 pm

I've written some networking software [Remote administration] in Java, and it didn't respond to each individual letter.

Actually, it didn't respond at all until a CR LF pair was sent, and the server would only respond with a 0x00 or 0x01 to denote failure or success, respectively.
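
A Python sketch of the behaviour described in the post above, added here as an illustration and not Jackmn's Java code: the hypothetical `LineAuthenticator` stays silent until a CR LF arrives, compares the whole candidate in constant time against a salted hash, and replies with a single 0x00 or 0x01 byte. The three-attempt cap, the line-length limit and the PBKDF2 parameters are assumptions.

```python
import hashlib
import hmac
import os

MAX_ATTEMPTS = 3   # assumed per-connection cap
MAX_LINE = 256     # assumed limit so an unterminated line cannot grow forever
FAILURE, SUCCESS = b"\x00", b"\x01"


class LineAuthenticator:
    """Hypothetical per-connection password check (not from the original thread)."""

    def __init__(self, password: str):
        # Keep only a salted, slow hash of the (constructed) sample password.
        self._salt = os.urandom(16)
        self._stored = self._derive(password.encode())
        self._buffer = b""
        self.attempts = 0
        self.closed = False

    def _derive(self, candidate: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", candidate, self._salt, 100_000)

    def feed(self, data: bytes) -> bytes:
        """Consume raw bytes; return one status byte per completed line."""
        replies = b""
        if self.closed:
            return replies
        self._buffer += data
        while b"\r\n" in self._buffer and not self.closed:
            line, _, self._buffer = self._buffer.partition(b"\r\n")
            self.attempts += 1
            # Whole-value, constant-time comparison: the reply and its timing
            # reveal nothing about which characters of a guess were correct.
            ok = hmac.compare_digest(self._derive(line), self._stored)
            replies += SUCCESS if ok else FAILURE
            if ok or self.attempts >= MAX_ATTEMPTS:
                self.closed = True
        if len(self._buffer) > MAX_LINE:
            self.closed = True  # drop clients that never terminate the line
        return replies
```
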
ARC destroyer
level3
level3
Posts: 324
Joined: Thu Jun 06, 2002 5:15 pm

Postby ARC destroyer » Mon Dec 30, 2002 9:22 pm

A few password crackers only go through the most used passwords.
Keep your computer locked up or it's gonna be broken.
visit my forum: www.fightforinfo.tk
Whitelist
level0
Posts: 2
Joined: Wed Jul 31, 2002 12:23 pm

Postby Whitelist » Mon Dec 30, 2002 11:54 pm

I am a Hacker, a legal hacker. I'm getting employed by companies who want to test their systems for hackers.
Whitelist
dajerk
level3
Posts: 412
Joined: Wed Jan 16, 2002 2:38 pm
Location: behind you

Postby dajerk » Tue Dec 31, 2002 1:30 am

I'm not a hacker, or even know how to build security, but given the choice I would be white hat
#501 to join the forums(under this name), #1795 under the name of Prozak
slyph
level1
Posts: 72
Joined: Sat May 25, 2002 1:47 am

Postby slyph » Tue Dec 31, 2002 5:03 am

Neo, I hope you used some form of relay before posting that, otherwise you did just leave a trace of your actions :) . However, to be perfectly honest I don't think any authentication software anywhere would be dumb enough to use key-by-key password checking. Not only is it more computationally intensive, it reduces the strength of the password to practically nothing. However, I may be wrong (and MS frequently do stupid things) so post the OS variant and type of network share, I'm curious now :)

~Sigital
actorindp
level0
Posts: 1
Joined: Tue Dec 31, 2002 5:47 am
Location: NY

Postby actorindp » Tue Dec 31, 2002 5:50 am

I must say I do love the IP addys that start with 0 or a number above 255 lol
:)
-AcToRiNdP
Whacko
level0
Posts: 1
Joined: Mon Apr 01, 2002 9:25 pm

Postby Whacko » Tue Dec 31, 2002 6:23 am

most bruteforce crackers work like this:

first it tries 1 letter passwords like:
a
b
c
etc

then 2 letter passwords:
aa
ab
ac
until
zz
26 * 26 combinations (without numbers in the passwords)

and so on, but since most authentications only allow you to enter a wrong pass 3 times there's no way to really use this shit :P
slyph
level1
Posts: 72
Joined: Sat May 25, 2002 1:47 am

Postby slyph » Tue Dec 31, 2002 6:39 am

Three times per connection sure, but then you don't try cracking someone's password by bruteforcing telnet over the internet, it would take too long. Usually brute-force attacks against an authentication mechanism are launched either locally or over a high-speed network. That way you can burn through hundreds of thousands of combinations fast enough to be worthwhile. Do it at five in the morning and (hopefully) you'll have found it before anyone checks the logs. Unless they have an IDS.... you did use a proxy right? :)

~Sigital
Kandleman
level1
Posts: 53
Joined: Fri Jun 21, 2002 3:12 am
Location: Philly, Pa

Postby Kandleman » Tue Dec 31, 2002 7:51 am

K well are we talking about cracking win9x PWs, NT PWs, or over the internet? Cracking Windows 9x passwords is like the simplest thing possible. All you gotta do is copy all of the .PWL files from c:/windows/, get a program like Cain, and you're set. They have very easy encryptions to break. However, NT passwords are a bit harder... I'm trying to get the admin password at my school, just for fun of course.. But on NT systems, they use .SAM files. SAM files are way more secure than .pwl files in general. There is only one fault to them: since Windows NT/2000 computers are made to be backward compatible with other versions of Windows (such as 98, 95, etc.) they must use a weaker encryption called LanMan encryption which is only slightly better than .PWL encryption. So basically what I am saying is that in order to crack the password, you need to get ahold of the SAM file. Now, unlike Windows 9.x based computers, all the passwords are stored in only ONE SAM file instead of multiple .pwl files like in Windows 9.x. There is one drawback to all of this though. It is very difficult to obtain a copy of the SAM file on Windows NT/2000 computers. The REAL SAM file is in the directory C:/winnt/system32/config and is under the name SAM. Now, of course there is one drawback to this. As long as Windows NT or 2000 is running, Windows locks out any access to obtaining the SAM file. So don't bother going there. There is this tool that administrators like to use that backs up important files, including the SAM file which is located in another directory that is NOT locked by Windows. This directory is C:/winnt/repair/ in which there is a file called SAM._ located there. It is a compressed version of the real SAM file. And to break .SAM file encryption, you need a program like L0phtcrack. L0phtcrack specializes in breaking .SAM file encryptions. And that is the end of my post.

*Note: Breaking .PWL files will take at most 1 hour, but breaking a .SAM file could take up to 24 hours.
Back in '82 I could throw the pigskin a quarter mile.
Kyrel2
level0
Posts: 8
Joined: Wed Jul 03, 2002 10:25 pm

Postby Kyrel2 » Wed Jan 01, 2003 10:40 pm

There is also another way to get the secure SAM.

Get a 9x boot disk from the internet that has an NTFS driver included.

Put in the boot disk and reboot the computer into 9x. The NTFS driver will let your 9x disk see the NTFS partition.

Now since you are not in NT/Windows 2000 the security is not there so you can copy the SAM file to the disk. Or (I forget the size of a typical SAM file) copy it to the root folder or maybe make a duplicate and rename it... use your imagination!

Reboot the computer into NT/2000, copy your saved SAM file; you can use a CD-RW formatted with a packet writing software... InCD, DirectCD... or a pocket USB drive.....

enjoy....
http://www.INTROVERSION.CO.UK/bookthree
USERNAME bookthree
PASSWORD thehackermanifestoiscrap
NeoThermic
Introversion Staff
Posts: 6256
Joined: Sat Mar 02, 2002 10:55 am
Location: ::1

Postby NeoThermic » Sat Jan 04, 2003 12:07 pm

heh, for 9x machines, forget cracking the pwl file, just reboot the machine, and get into DOS (press F9 if I remember correctly).

Then navigate to the windows directory and rename all pwl files to .pwl.old
Now reboot, put in the username that you want to hack, put in any password, and confirm it, and you are in. Do what you want, then reboot, and rename the .old files back into .pwl

As for cracking shares over a network, yes, I can confirm it's done one letter at a time (stupid eh...) grab yourself a copy of GFI Security Scanner, and scan any shares that you have on a 9x machine (it doesn't work on 2k NT or XP), and then click crack password. Look at the toolbar on the bottom, and you see it cracking the password, one letter at a time... :)

{GFI is located at www.GFI.com }

<edit - fixed url - why can't anyone work urls - einstein>

(Edited by einstein at 5:50 pm on Jan. 4, 2003)
