Category: Passwords

All about passwords!

C#, Hacking, Passwords

How to retreive Filezilla FTP passwords using C#

FileZilla stores passwords in two xml files. In recent servers file(recentservers.xml) and site manager file(sitemanager.xml). void ReadFileZillaFile(String filename) { try { if (File.Exists(filename)) { Console.WriteLine("Reading file " + filename + "."); Console.WriteLine("—–"); XmlTextReader reader = new XmlTextReader(filename); XmlDocument doc = new XmlDocument(); doc.Load(reader); foreach (XmlNode node in doc.DocumentElement.ChildNodes[0].ChildNodes) { foreach (XmlNode childNode in node.ChildNodes) { …

Microsoft Windows, Passwords, Security

How to Reset Your Windows Password

Forgot your Windows admin password? Windows stores its user information, including crypted versions of the passwords, in a file called ‘sam’, usually found in windowssystem32config. This file is a part of the registry, in a binary format previously undocumented, and not easily accessible. Overview This is a utility to reset the password of any user …

Brute-force, Cracking, Microsoft Windows, Passwords

Free Windows password cracker

Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.   Features: » Runs on Windows, Linux/Unix, Mac OS X, … » Cracks LM and NTLM …

Passwords, Penetration Testing

Dump credentials stored in Memory

Windows authentication system stores in memory users credentials. Windows caches user’s credentials so she can access for ex. network resources without having to enter her password constantly. There is a tool named Windows Credentials Editor (WCE) from Amplia Security company that can be used to to list logon sessions and add, change, list and delete …

Cracking, Cryptography, Passwords

Dump Windows password hashes

Download pwdump7 and run it to dump local system’s passwords from SAM and SYSTEM files.    Usage: Dump system passwords pwdump7.exepwdump7.exe Dump passwords from files pwdump7.exe -s <samfile> <systemfile>pwdump7.exe -s <samfile> <systemfile> Copy filename to destination pwdump7.exe -d <filename> [destination]pwdump7.exe -d <filename> [destination]

Metasploit, Passwords, Sniffing

Password sniffing with Metasploit

A packet sniffer is a computer program that intercepts and logs traffic passing over a network. The sniffer captures each packet, decodes the packet’s raw data, showing the values of various fields in the packet, and analyzes its content. If network communications are not encrypted (ssl) then it is possible to intercept communications and capture …

Cracking, Email, General, Passwords, Physical security, Vulnerabilities, WEB

1 xor 1 = 0 | How Apple and Amazon Security Flaws Led to an Epic Hacking

Password-based security mechanisms —which can be cracked, reset, and socially engineered— no longer suffice in the era of cloud computing. … The very four digits that Amazon considers unimportant enough to display in the clear on the Web are precisely the same ones that Apple considers secure enough to perform identity verification.‪ http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/