Posts posted by burn

  1. I created a wordlist with every possible permutation of the word arr_pirate (302,400 lines).

    I ran it through my while loop:

    while IFS= read -r pass; do rar e arr_pirate.rar "-p$pass"; done < wordlist

    It never found a password that worked, though. At some point, the terminal's font turned into hieroglyphics and became unreadable.

    There must be a better way to check rar passwords than with a simple while loop. Or maybe I shouldn't run it in a terminal...

    PLuNK, do you care to offer any additional hints to maybe get more people interested in cracking this again? Can you confirm whether or not the password is a permutation of the word 'arr_pirate'? I would hate to spend 8 hours again trying to crack this password. :)

    So far I'm still in the game!

  2. I've never needed to crack a rar password so I'll give this a try. I haven't figured it out yet but here's what I've got so far in case this is useful to anyone:

    Here are the hints provided:

    File hasn't been modified in any way,

    The password is pretty easy.

    Considering you haven't guessed what "ten under score" is I'll tell ya..

    The password has ten characters including one underscore.

    "Some of the file names may be hints also.. "

    -----

    I tried rarcrack but from what I can tell there's no way to tell it the password is of fixed length.

    -----

    I tried keeping the format of the filename consistent but changing the placement of the underscore

    arrpirate_

    arrpirat_e

    ...

    _arrpirate

    I noticed the first three letters could be changed to say "rar" so I tried the same with rarpirate:

    rarpirate_

    ...

    _rarpirate

    I tried the same with piratearr and piraterar.

    Neither combination worked.

    -----

    Next, I wanted to get a list of all possible permutations of the word arrpirate.

    I found this script:

    http://www.daniweb.com/code/snippet540.html

    I had to install the perl module List::Permutor

    You can find instructions here:

    http://www.livejournal.com/doc/server/lj.i...up.modules.html

    I changed my $word = 'perl'; to my $word = 'arr_pirate';

    I also changed print "One order is @set.\n"; to print "@set\n";

    I saved the perl script as permutator.pl and ran it (using time to see how long it took):

    time perl permutator.pl > wordlist

    real 1m16.998s

    user 1m16.765s

    sys 0m0.208s

    The resulting file contained a space between every character which you can fix like this:

    sed 's/ //g' wordlist > wordlist2

    mv wordlist2 wordlist

    The file was 3,628,800 lines long:

    wc -l wordlist

    3628800 wordlist

    I noticed duplicate lines in my new wordlist:

    grep irarrpate_ wordlist

    12

    So I sorted the list using the -u (uniq) flag (again, using time):

    time sort -u wordlist > wordlist2

    real 0m36.180s

    user 0m35.942s

    sys 0m0.220s

    mv wordlist2 wordlist

    wc -l wordlist

    302400 wordlist

    That's a bit better.

    Earlier, I was using this command to try my variations of arrpirate_ on the rar file:

    while IFS= read -r pass; do rar e arr_pirate.rar "-p$pass"; done < wordlist

    There were 10 lines in each wordlist and it took roughly 1.2 seconds to go through each one.

    If I were to apply the same crude math on my new wordlist it would take around 8 hours to go through the whole thing

    302400/10 = 30240 seconds

    30240/60 = 504 minutes

    504/60 = 8 hours

    Not bad but I want to try something else, first.

    One thing that PLuNK said was "The password has ten characters including one underscore."

    Does he mean that the password is a word and then an underscore? If that's true it would drastically cut down the size of my wordlist.

    I went back to the original perl script and removed the underscore from the word variable, which produced a much smaller wordlist:

    sed 's/arr_pirate/arrpirate/g' permutator.pl > permutator2.pl

    perl permutator2.pl > wordlist

    wc -l wordlist

    362880 <-- already 3 million lines shorter

    sort -u wordlist > wordlist2

    mv wordlist2 wordlist

    wc -l wordlist

    30240 <-- that's better

    This shouldn't take near as long to go through:

    30240/10 = 3024 seconds

    3024/60 = 50 minutes

    Let's put an underscore at the end of each word:

    sed 's/$/_/g' wordlist > wordlist2

    mv wordlist2 wordlist

    That's much better. I'm going to split the wordlist in half and run 2 simultaneous threads to shorten the time:

    30240/2 = 15120

    mkdir thread1

    mkdir thread2

    cp arr_pirate.rar thread1/

    cp arr_pirate.rar thread2/

    head -15120 wordlist > thread1/wordlist-thread1

    tail -15120 wordlist > thread2/wordlist-thread2

    In terminal 1:

    cd thread1

    while IFS= read -r pass1; do rar e arr_pirate.rar "-p$pass1"; done < wordlist-thread1

    In terminal 2:

    cd thread2

    while IFS= read -r pass2; do rar e arr_pirate.rar "-p$pass2"; done < wordlist-thread2

    I also opened 2 more terminals and ran this command in each one:

    cd thread1 (obviously using thread2 for the 4th terminal)

    while true; do sleep 5; ls -ltr; done

    Each one took roughly 30 minutes (I forgot to time them) but neither extracted the contents of the rar file.

    So, either I did something very wrong (which is possible) or the password does not end with an underscore.

    BTW, some of you guys are using older versions of WinRAR which might cause problems extracting newer files. I think Winzip versions earlier than 10 can't open encrypted zip files created with version 10+. Just a thought.

    Sorry for the long post but I wanted to be as thorough as possible.
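The line counts in the two posts above (3,628,800 raw, 302,400 unique, 12 copies of each line) follow from counting arrangements of a word with repeated letters, which is also why a password that is an anagram of the file name has such a small keyspace. As an added example that is not part of the original posts (which used a Perl script with List::Permutor followed by sort -u), this Python code computes those counts and generates each distinct arrangement once; all function names are hypothetical.

```python
from collections import Counter
from math import factorial


def distinct_count(word):
    """Number of distinct arrangements of word: n! / (k1! * k2! * ...)."""
    total = factorial(len(word))
    for repeats in Counter(word).values():
        total //= factorial(repeats)
    return total


def duplication_factor(word):
    """How many times a naive n! permuter emits each distinct arrangement."""
    return factorial(len(word)) // distinct_count(word)


def distinct_permutations(word):
    """Yield every distinct arrangement exactly once, in sorted order."""
    counts = Counter(word)
    letters = sorted(counts)
    prefix = []

    def walk():
        if len(prefix) == len(word):
            yield "".join(prefix)
            return
        for ch in letters:
            if counts[ch]:          # only use letters still available
                counts[ch] -= 1
                prefix.append(ch)
                yield from walk()
                prefix.pop()
                counts[ch] += 1

    yield from walk()


def hours_to_exhaust(word, guesses_per_second):
    """Worst-case time to try every arrangement at a measured guess rate."""
    return distinct_count(word) / guesses_per_second / 3600


if __name__ == "__main__":
    for w in ("arr_pirate", "arrpirate"):
        print(w, factorial(len(w)), distinct_count(w), duplication_factor(w))
    # 10 guesses per second is the rough rate used in the post above.
    print(round(hours_to_exhaust("arr_pirate", 10), 1), "hours")
```

Because the generator never produces a duplicate, the separate sort -u pass is unnecessary, and the repeated a (twice) and r (three times) account for the factor of 2! x 3! = 12.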

  3. I've always used AVG and I've really liked it. It's very simple, it has real-time protection, and it's ALWAYS found software that I knew was bad (even when downloading zip files).

    However, I'm always on the lookout for something better so when I built my new box I installed Avast. I used it for about 4 months or so and there's not much about it that I like. I just recently uninstalled it and switched back to AVG.

  4. Are you talking about this:

    http://directory.fsf.org/all/sharpmusique.html

    SharpMusique - The fair interface to the i Music Store

    SharpMusique is a Free Software interface to which allows one to interact with the i Music Store. It provides the following functionality:

    * Preview songs

    * Signup for an account

    * Buy songs and albums

    * Redownload songs that you bought with SharpMusique

    * Redeem cola caps

    * Redeem gift certificates

    And here's a little history of the program:

    http://en.wikipedia.org/wiki/PyMusique

  5. First of all, the Enterprise version of Exchange doesn't have an IS (Information Store) size limit. Perhaps you can upgrade?

    To help you out with your issue on visiting every PC when you make network changes, consider the following:

    UltraVNC - it gives you session encryption, which WinVNC doesn't offer and it lets you authenticate based on your AD credentials.

    VNC is fine but that's only slightly better than physically visiting every machine.

    Roaming User Profiles or Folder Redirection - This would give you the ability to add a script to everyone's startup folder to automatically map printers. This requires Active Directory.

    Some sort of PsExec script to run a NET USE command on everyone's PC - look into the /persistent command parameter to make sure the printer mappings aren't deleted when the user logs off. Easy to script to run on every machine on the network using psexec parameters.

    and last but not least ...

    Startup / Logon scripts - your best friend when managing a network ... maps drives, printers, creates desktop icons, loads registry keys, runs other programs at startup. There is one BIG difference to keep in mind regarding the difference between a Startup script and a Logon script. Startup scripts are found in the Computer section and are run with Administrator privileges when the computer is first booted. Logon scripts run with the user's privileges when the user logs in. You can't install programs or update HKLM registry hives in a Logon script unless your users are local administrators (BAD BAD BAD).

    For example, a simple Logon script that maps a printer:

    http://www.computerperformance.co.uk/Logon...ipt_Printer.htm

    Easy stuff. Do more Google searching to find how to make different printers the default printer based on the computer name.

    I wrote this in kind of a hurry so there might be a mistake or two.

  6. The only tool I know of to do this is wuauclt.

    There's not much documentation for it and several Google results will tell you that.

    I also don't know if this is only limited to WSUS (Windows Server Update Services?) or if it can be used for Internet updates as well.

    I'm almost positive that you can't actually update a computer with this tool, rather only force a connection with whatever update server to download the needed updates.

    This command is also one of those run-it-and-wait jobs where there's no feedback from the program as to what it's actually doing so you'll have to wait a few minutes to see if the WU icon appears in the systray. Maybe keeping an eye on Event Viewer might tell you something.

  7. If you're talking about making a DOS window look like it's part of the background, try searching Google for keywords like transparent, command, windows, cmd, prompt ... something to that effect.

    There are a few programs out there that let you do it, but they're all rather slow and buggy. They're pretty much just useful for screenshots to impress your friends.

    Here's one result I found that semi-works but from the screenshot you're still left with the title bar. I've used other ones that remove that stuff, but I can't remember their name .. maybe you can add those to your search.

    http://www.hanselman.com/blog/TransparentC...tInWindows.aspx

    Good luck.

  8. You can't beat bloglines.com for RSS.

    It's web-based, so like your webmail you can read them anywhere, not just from whichever PC you've installed your RSS reader on.

    And their site rocks. Very easy to navigate and also easy to subscribe to new feeds.

  9. Don't forget other better ways (although the .jpg hack is too easy to not have been found by the MS beta testers / designers)

    1. newsgroups (alt.binaries.nl - nzb's rock!)

    2. google search (intitle:"index of" -inurl:(html | htm | php) +size +description +"last modified" song keywords mp3) <- best used in conjunction with spiderzilla or wget

    I'm talking about sharing music not stealing it off the interweb

    What's the difference?

  10. Not quite, it's a hack.

    1 You have to use the Zune as another drive first

    2 Then change the .ext of the file to jpg

    3 Then drop it into a folder with other real pictures

    4 Then send the entire folder to another zune

    5 They have to enable it as another drive

    6 Copy the file to their computer

    7 Rename the .ext

    that's a lot of steps for a music file

    Better ways

    1 E-Mail it

    2 Thumbdrive

    3 Ad Hoc

    4 Netcat

    Don't forget other better ways (although the .jpg hack is too easy to not have been found by the MS beta testers / designers)

    1. newsgroups (alt.binaries.nl - nzb's rock!)

    2. google search (intitle:"index of" -inurl:(html | htm | php) +size +description +"last modified" song keywords mp3) <- best used in conjunction with spiderzilla or wget

  11. Truecrypt is probably the best way to do it. You can do it without even installing Truecrypt if you run it from a USB key or something.

    Just download the Truecrypt zip file and extract the files you need. I think it tells you how to do it in the documentation.

    Then create an encrypted volume, hide the volume (using Windows' hidden attribute) and you're done. You can even trick them with a truecrypt hidden volume inside a non-hidden volume. That way if they find it, you can show them your encrypted class notes or something.
