|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
|
|
Posted: Tue May 12, 2009 1:27 am |
|
|
InsidePro |
Active user |
|
|
Joined: Sep 13, 2008 |
Posts: 28 |
|
|
|
|
|
|
|
Extreme GPU Bruteforcer has been updated to version 1.5.
In the new version:
- Added mask attack. To enable it, in the INI file create (or uncomment) the "Mask" parameter that contains a mask; for example: pass?d?d?d?d?d?d, ?u?u?u?l?l?l2009, etc. The application supports up to 15 custom character sets (in the INI file parameters "CustomCharacterSet1"..."CustomCharacterSetF"), where you can define custom character sets or combinations of standard character sets - for example, "CustomCharacterSet1=?l?u?d", "CustomCharacterSet9=abcdefABCDEF?d", which are engaged in the "Mask" parameter as ?1 and ?9 respectively (Note: Mask in EGB is formed practically the same way as in PasswordsPro). The speed of mask attack for all modules is the same as the speed of brute force attack!
- Added new module, "MD5_Unicode.exe", for recovering Unicode passwords to MD5 hashes. Its average operation speed on GF8800GS is 240М p/s.
- Added new parameter to INI file - AttackTime, which allows limiting attack time (in minutes) and thus improves the flexibility of the application when it is launched from a BAT-file with different INI files (for example, with different character sets for the attack).
- Up to 512 - increased the maximum value of the StreamProcessors parameter.
Download the new version: http://www.insidepro.com/download/egb.zip |
|
|
|
|
|
|
|
|
Posted: Wed Jun 10, 2009 6:37 pm |
|
|
InsidePro |
Active user |
|
|
Joined: Sep 13, 2008 |
Posts: 28 |
|
|
|
|
|
|
|
Extreme GPU Bruteforcer has been updated to version 1.5.1.
In the new version:
- Added auto-saving current password in INI file during attack every 5 minutes.
- All application modules recompiled to the latest edition of CUDA - v2.2.
- Added new module - md5($username.0.$pass). Search speed per hash on GF8800GS is 155M p/s.
- Increased maximum password length in the modules MD5.exe (to 55 characters) and MD5_Unicode.exe (to 27 characters). |
|
|
|
|
Posted: Sat Dec 12, 2009 3:16 pm |
|
|
InsidePro |
Active user |
|
|
Joined: Sep 13, 2008 |
Posts: 28 |
|
|
|
|
|
|
|
Extreme GPU Bruteforcer has been updated to version 1.6.
In the new version:
- Added support for MultiGPU, i.e. simultaneous use of all GPU cores for attack (maximum number of GPU - 16).
- Added new hashing module: LM.exe.
- Maximum number of salted hashes per attack increased to 512, etc.
More >> |
|
|
|
|
Posted: Sun Feb 07, 2010 6:11 pm |
|
|
InsidePro |
Active user |
|
|
Joined: Sep 13, 2008 |
Posts: 28 |
|
|
|
|
|
|
|
Extreme GPU Bruteforcer has been updated to version 1.6.1.
In the new version:
- Added new module MD5(Unix).exe.
The attack speed per hash in this module makes (on GeForce 8800GS) about 85k p/s.
- Added displaying information on the duration of attack.
- Added new parameters to INI files.
More >> |
|
|
|
|
Posted: Tue Feb 16, 2010 10:33 am |
|
|
dhukkaman |
Beginner |
|
|
Joined: Feb 15, 2010 |
Posts: 3 |
|
|
|
|
|
|
|
Sorry to be a total noob but how do I get the hashes I want to crack to be run with the program? I have been searching for ages to find how this is done but haven't got anywhere.
Please could you explain it simply for us learners out here. |
|
|
|
|
|
|
|
|
Posted: Tue Feb 16, 2010 2:55 pm |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
dhukkaman wrote: | Sorry to be a total noob but how do I get the hashes I want to crack to be run with the program? I have been searching for ages to find how this is done but haven't got anywhere.
Please could you explain it simply for us learners out here. |
Those hashes are usually stored in sql database and of course they are protected from malicious persons. But there are scenarios as:
1. sql injection vulnerabilities - attacker can manipulate database so that hash retrieval is possible (lazy software developers and website admins)
2. phpmyadmin interface can unprotected and accessible from web (lazy admins)
3. sql database backup file can be accessible from web (lazy admins ...)
4. LFI/RFI/Remote File Disclosure and other vulnerabilities can finally lead to the hash retrieval from database
5. open TCP port 3306 with weakly configured mysql daemon and weak username/password (such as root user with empty password)
6. googledork:
http://www.google.ee/#hl=et&q=filetype%3Asql+phpmyadmin+dump+members+converge&lr=&aq=&oq=&fp=9a016538702b090f
More good information:
http://www.hackersforcharity.org/ghdb/ |
|
|
|
|
|
|
|
|
Posted: Tue Feb 16, 2010 6:37 pm |
|
|
dhukkaman |
Beginner |
|
|
Joined: Feb 15, 2010 |
Posts: 3 |
|
|
|
|
|
|
|
waraxe wrote: | dhukkaman wrote: | Sorry to be a total noob but how do I get the hashes I want to crack to be run with the program? I have been searching for ages to find how this is done but haven't got anywhere.
Please could you explain it simply for us learners out here. |
Those hashes are usually stored in sql database and of course they are protected from malicious persons. But there are scenarios as:
1. sql injection vulnerabilities - attacker can manipulate database so that hash retrieval is possible (lazy software developers and website admins)
2. phpmyadmin interface can unprotected and accessible from web (lazy admins)
3. sql database backup file can be accessible from web (lazy admins ...)
4. LFI/RFI/Remote File Disclosure and other vulnerabilities can finally lead to the hash retrieval from database
5. open TCP port 3306 with weakly configured mysql daemon and weak username/password (such as root user with empty password)
6. googledork:
http://www.google.ee/#hl=et&q=filetype%3Asql+phpmyadmin+dump+members+converge&lr=&aq=&oq=&fp=9a016538702b090f
More good information:
http://www.hackersforcharity.org/ghdb/ |
Thank you for the reply and the information.
Yes, the hashes are from my mysql database but my question was rather what do I do with them with extreme gpu bruteforcer? |
|
|
|
|
|
|
|
|
Posted: Sat Oct 09, 2010 5:01 pm |
|
|
InsidePro |
Active user |
|
|
Joined: Sep 13, 2008 |
Posts: 28 |
|
|
|
|
|
|
|
Extreme GPU Bruteforcer has been updated to version 1.7
In the new version, we have added dictionary attack and many other new features.
More >>> |
|
|
|
|
Posted: Tue Oct 12, 2010 9:21 am |
|
|
Turbo_boy |
Regular user |
|
|
Joined: May 16, 2009 |
Posts: 7 |
Location: Netherlands |
|
|
|
|
|
|
|
|
|
|
Posted: Tue Oct 19, 2010 6:03 pm |
|
|
InsidePro |
Active user |
|
|
Joined: Sep 13, 2008 |
Posts: 28 |
|
|
|
|
|
|
|
Added hashing modules MD5(phpBB3).exe and MD5(Wordpress).exe; i.e. now you can run very fast dictionary attacks on hashes with signatures $H$7, $H$9 and $P$B.
For example, on NVIDIA GTS250 my attack speed on hashes of these types is almost 90 times higher than in PasswordsPro.
More >>> |
|
|
|
|
Posted: Sat Jan 15, 2011 7:01 pm |
|
|
InsidePro |
Active user |
|
|
Joined: Sep 13, 2008 |
Posts: 28 |
|
|
|
|
|
|
|
Extreme GPU Bruteforcer has been updated to version 1.8 >>> |
|
|
|
|
Posted: Fri Feb 04, 2011 5:05 am |
|
|
InsidePro |
Active user |
|
|
Joined: Sep 13, 2008 |
Posts: 28 |
|
|
|
|
|
|
|
Extreme GPU Bruteforcer has been updated to version 1.8.1 >>> |
|
|
|
|
Posted: Thu Jun 09, 2011 5:23 pm |
|
|
InsidePro |
Active user |
|
|
Joined: Sep 13, 2008 |
Posts: 28 |
|
|
|
|
|
|
|
Extreme GPU Bruteforcer has been updated to version 1.9.
In the new version:
- The number of salted hashes for attack is now literally unlimited and may reach 5000000.
- More >>> |
|
|
|
|
Posted: Sun Jun 26, 2011 9:44 am |
|
|
pktun420 |
Advanced user |
|
|
Joined: Jun 08, 2010 |
Posts: 93 |
|
|
|
|
|
|
|
Gr8 Work i like it !!! |
|
|
|
|
Posted: Mon Jun 27, 2011 12:17 pm |
|
|
pktun420 |
Advanced user |
|
|
Joined: Jun 08, 2010 |
Posts: 93 |
|
|
|
|
|
|
|
is it possible that we can start password length from 1-10 then 10 to 11 on EGB for cracking hashes so we can use multiple machines for cracking hashes. i dont know much about cracking hashes. but this is just suggestion to crack hashes on multiple machines.
sorry for my english i hope you get my point. |
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|