lm2ntcrack provides a simple way to crack instantly Microsoft Windows NT Hash (MD4) when the LM Password is known. lm2ntcrack is Free and Open Source software.
This software is entirely written in Perl, so its easily ported and installed.
(more…)
SA is the administrative login for the MSSQL. To Change the MSSQL SA password please use following steps:
Step 1. Go to the command prompt of the server ( Start >> Run >> Cmd ) and type in command
osql –L
This command will list all the MSSQL servers near you.
Step 2. Copy full name of required MSSQL server and type
osql -S copied_servername –E
By this command you’ll connect to MSSQL server using Server administrator account (Windows Authentication).
Step 3. To change sa password you should execute the following query:
1> sp_password NULL,’new_password’,’sa’ 2> go
Here the new_password will be the password which you want to set.
Now try to login to MSSQL using new password.
Another quick way:
OSQL -S MyServer -E -Q "EXEC sp_defaultdb 'sa', 'master'" OSQL -S MyServer -E -Q "EXEC sp_password NULL, 'NewPassword', 'sa'"
Our friends over at WonderHowTo.com just launched the 2008 Video Awards! For those of you who have never been to the site, or seen our left sidebar on this site linking to their videos,they are the one-stop shop for all how-to videos on the internet. With a library of over 225,000 videos they provide the largest, most contemporary, and most diverse resource in this increasingly growing space.
The WonderHowTo 2008 Video Awards! is their first annual competition that celebrates excellent instructional videos…on any topic under the sun. Since they source and index videos from more than 1900 specialty sites around the world, they truly get front row seats to every insanely wonderful tutorial that is produced. WonderHowTo picked the nominees based on numerous factors including; intent to instruct, originality of concept, and story telling. Categories include Hacks, Sex, Pranks, Weird Science and many more. These finalists’ videos are extremely interesting and I have a feeling that the voting will come down to the wire
Voting will be open for one month, from October 13th through midnight PST November 13, so get over to WonderHowTo right now and vote on the 2008 Best How To Videos In The Universe.
I’ll admit it: Sometimes I’m lazy and sometimes I hedge my bets a little. I didn’t have the time on Friday to look deeper into the real time requirements to hack a WPA password using Elcomsoft’s new tools. I knew the time needed was considerable, but I didn’t realize exactly how long it’d take: George Ou says it’d take 5793 years to crack a WPA password normally and even with a heftier computer than most of us will ever see, it’ll still take almost 6 years to break the key. And Robert Graham backs him up, saying all it takes is lengthening your key by one character.
I’d overestimated how much of an impact this could make on the security of a wireless network. I thought Elcomsoft might have come up with a viable attack against WPA, but in reality, this is just a marketing gimmick. No one’s going to devote 5+ years of computing power to hack a wireless network; first of all the information will probably be obsolete in that time frame, second, no one’s going to keep the same wireless network equipment and passwords for five years. At least I hope they won’t.
There are any number of easier, quicker ways to break into a network than trying to brute force the WPA passphrase, everything from social engineering to just breaking in and stealing the servers. Cracking the WPA will probably become easier as time goes by, but for now WPA is still a viable way to secure your wireless. Unless you’re doing something stupid like using dictionary words in your passphrase.
Via: mckeay.net
So your the only user on your computer and you want to have the security of your own password, but you don’t want to have to wait for all your startup programs to launch when you first boot up. You wish there was just some way to have your computer startup, load all your programs, but be secure so that it does it all in the background of the login screen and you don’t have to wait for it.
Paying something like $50 for a program such as Tweak UI is just out of the question, wouldn’t you agree? Well, luckily for you, you can do this for free! Just follow the next couple of steps in this post and you will have your dream in no time.
(more…)
We all know cracking techniques through graphics cards speciifically CUDA based NVidia is on the rise. Now the programmers have set their sights on WIFI cracking. One group reportedly bored through WPA and WPA2 encryptions using a brute-force technique juiced with one of Nvidia’s latest graphics cards . The card supposedly made the “password recovery” process up to 10,000 percent faster than CPU-based cracking. (more…)
Life these days has become largely dependent on passwords – whether we’re checking our emails, transferring funds or shopping online, passwords have their part to play. We’re constantly bombarded with horror stories of security breaches, fraud, and phishing sites. Users are consistently told that a strong password is essential these days to protect private data. Why is it, then, that users on websites opt for the same, consistent, insecure passwords time after time?
Taking an aggregate sample of passwords (primarily from the UK), we take a look at the most commonly occurring. If you spot your own password listed – it might just be time for a change!
(more…)
I had a chance to review the Keycarbon USB Home Mini this week. I’ve been wanting to try one of these to see how they would compare to a PS/2 keyboard logger, PS/2 is still pretty popular as far as cheaper keyboards but the shift in technology is going more towards USB keyboards. I was pretty impressed by the quality of the keylogger and its simple installation.
Why would someone want a hardware keylogger as opposed to a software based one? Well this question has it’s pros and cons:
The pros are:
The cons are:
Recovering the logs from the device can be done on any computer even though they offer the software to recover the logs faster, it’s not needed which makes this device a good tool to have in your arsenal. To recover the logs alls you you need to do is open any text editor (notepad etc…) and type in the password (default password is phxlog) and the device goes into menu mode, where you have a few options to choose
you have open so it’s best to open notepad or wordpad or any *nix/MAC equivalent before typing this. This menu will give you various options for the device ,which are:
Once you choose read the logs it starts auto typing the logs onto whatever window is open has the main focus (which is why you need to open a text editor). If you don’t like to wait for it to auto-type (you might have days of saved logs) you can get the software to download it in one swoop. The only problem with the software that as of now it’s only compatible with windows.
Detection of the Device:
Because the device doesnt install into the operating system its pretty much insvisible to the normal user. Only a trained computer expert would notice the device it because the only sign it’s there is that it is seen as a USB hub by the OS. It shows up as a “generic 4 port hub Vid_0451&Pid_2046” Vendor id of 0451 and a product id of 2046, which comes up as a generic Texas instruments device which wont raise many eyebrows. Because it’s a USB 1.1 hub it is possible that it may be discovered if someone plugs a USB 2.0 keyboard inline with it. (They might get a warning message telling them that their device can perform at a higher speed if they use a different port.) But the chances are slim of someone needing to replace their keyboard.
All in all this device is a stable tool to use, it logged with no problems at all with every keyboard/OS i used with it. Although the price is a little high for most people, it’s well priceless for businesses who need to keep an eye on employees, or a parent who needs to monitor their children’s internet activity. I want to thank Keycarbon for giving me the opportunity to review and test this device. Check out their site for other devices they offer that I didn’t get to review , but are another great alternative to stealth hardware logging.
Normally if a message is received during the passcode entry or while the screen is locked, a generic message of “New Text Message” appears, to prevent viewing of messages without unlocking the phone. However, if you place the IPhone into emergency call mode, any incoming SMS messages are previewed instead of presented as the generic messages.
Need to secure your usb drive? Click Here!
Chrome stores saves passwords in CLEAR TEXT.
1 ] Go to any site that allows you to sign in ex. webmail.pair.com
2 ] Enter your fake username. Enter a false (incorrect) password
3 ] Allow Chrome to save password ( It will prompt below the address bar)
4 ] Close Chrome
5 ] Locate and change directory using the command prompt to the path below
%:\Documents and Settings\%user name%\Local Settings\Application Data\Google\Chrome\User Data\Default\Current Session ( Path might be different in Vista )
6 ] Note that the “Current Session” file needs to be present in your
“\Application Data\Google\Chrome\User Data\Default\” directory
7 ] Type this command in cmd : find “&secret” “Current Session”
8 ] You can see that its stored in clear text.
example:
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\C
hrome\User Data\Default>find “&secret” “Current Session”
---------- CURRENT SESSION login_username=FakeUser&secretkey=FakePass&x=18&y=8B
Need to secure your usb drive? Click Here!
