From: Flory Jeffrey D Ctr 59 MDSS/MSISI (Jeffrey.Flory2.ctr@lackland.af.mil)
Date: Wed Feb 08 2006 - 14:25:44 EST
I agree, trial version never have really proven what the product will do
since you cannot utilize most of almost all the functions that a full
version offers. I personally will download freeware or shareware first and
test it out. Like you I find it to be worthless, I trash it. If I like the
tool and its functionality, I will keep it and try to boost its performance,
if possible.
Jeff
-----Original Message-----
From: Terry Vernon [mailto:tvernon24@comcast.net]
Sent: Wednesday, February 08, 2006 1:34 AM
To: 'Craig Wright'; 'ROB DIXON'
Cc: pen-test@securityfocus.com
Subject: RE: Rainbow Tables
I agree, back in my not so nice and legal days I had everything commercial
you could think of and used it to do some not so nice and legal things. Some
of it I did find useful enough to pay for while the majority being crap.
This was pre 2000. Like everyone else I don't like buying a car before I
drive it so-to-speak. Sadly not enough vendors offer full featured versions
as trial demos.
-Terry
(I know EVERYONE on this list has at least one cracked thing installed at
home/work ;) )
-----Original Message-----
From: Craig Wright [mailto:cwright@bdosyd.com.au]
Sent: Tuesday, February 07, 2006 9:07 PM
To: ROB DIXON
Cc: pen-test@securityfocus.com
Subject: RE: Rainbow Tables
Please explain 'WHY' a "malicious attacker" is NOT likely to use commercial
products.
In the real world attackers use "commercial products" all the time - from
script kiddies up. There are numerous Warez and Crack sites distributing
commercial software. There is a clear distinction from having to legally
obtain software and using a cracked version, but this has nothing to do with
use. If you are breaking the law by scanning, it is not likely that
copyright laws will hinder you.
There are far more LC5 installs than have been sold. Further, the commercial
products are oft easier - thus attracting more people to use them.
Craig
-----Original Message-----
From: ROB DIXON [mailto:RDIXON@workforcewv.org]
Sent: 8 February 2006 5:04
To: stark192@hotmail.com; pen-test@securityfocus.com
Subject: Re: Rainbow Tables
Hey Tony,
The "others" should be informed that the malicious attacker is most
likely to NOT use "commercial" products.
And that for a true benchmark, maybe use the products that a malicious
attacker would use. Most of which will probably be open source or free at
the least. That is assuming that they are not writing their own software. ;)
I guess I'm asking, how do you justify "not" using free products?
You can buy pre-computated rainbow tables, but there are different
rainbowtables for different types of hashes. Example: ntlm, ntlmv2, sha1 ,
md5, etc.
cheers,
New Guy
Robert L. Dixon, CSO
CHFI A+
State of West Virginia's
West VIriginia Office of Techonology
Infrastructure Applications
Netware/GroupWise Administrator
Telephone: (304)-558-5472 ex.4225
Email:rdixon@workforcewv.org
>>> <stark192@hotmail.com> >>>
Hello,
Trying to crack our password list at work, it's a long story, but it has
been put on a higher priority. I've been looking for some good pre-computed
hash tables, like Rainbow tables, that will work with LC5. Does anyone have
a source?
I'd like to use RainbowCrack but others want to stick to commercial
products.
Thanks,
Tony
------------------------------------------------------------------------
------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for
vulnerabilities to SQL injection, Cross site scripting and other web attacks
before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------
-------
------------------------------------------------------------------------
------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for
vulnerabilities to SQL injection, Cross site scripting and other web attacks
before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------
-------
Liability limited by a scheme approved under Professional Standards
Legislation in respect of matters arising within those States and
Territories of Australia where such legislation exists.
DISCLAIMER
The information contained in this email and any attachments is confidential.
If you are not the intended recipient, you must not use or disclose the
information. If you have received this email in error, please inform us
promptly by reply email or by telephoning +61 2 9286 5555. Please delete the
email and destroy any printed copy.
Any views expressed in this message are those of the individual sender. You
may not rely on this message as advice unless it has been electronically
signed by a Partner of BDO or it is subsequently confirmed by letter or fax
signed by a Partner of BDO.
BDO accepts no liability for any damage caused by this email or its
attachments due to viruses, interference, interception, corruption or
unauthorised access.
----------------------------------------------------------------------------
-- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ---------------------------------------------------------------------------- --- ---------------------------------------------------------------------------- -- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ---------------------------------------------------------------------------- --- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:28 EDT