Saturday, November 25, 2006

Tools of the Trade - Now with Beta-Carotene!

1) Oxid.it has recently Cain & Abel 4.1

New features:
  • Cain's MitM NTLM Challenge Spoofing. (Requires APR to be active and a MitM condition between victim hosts).You can now spoof server challenges in NTLM authentications; this feature enables the use of RainbowTables for cracking network hashes. WARNING !!! Enabling Challenge Spoofing cause users to fail authentications so use it carefully.
  • NTLM Session Security authentications downgrade to LM&NTLMv1. The following protocols are supported: SMB, DCE/RPC, TDS, HTTP, POP3, IMAP, SMTP.
  • LM + spoofed challenge Hashes Cryptanalysis via Sorted Rainbow Tables.
  • HALFLM + spoofed challenge Hashes Cryptanalysis via Sorted Rainbow Tables.
  • NTLM + spoofed challenge Hashes Cryptanalysis via Sorted Rainbow Tables.
  • New types of RainbowTables have been added to Winrtgen v2.2. "lmchall" and "ntlmchall" tables can be used against LM and NTLM response hashes for spoofed challenges (0x1122334455667788). "halflmchall" tables can be used against the first 8 bytes LM response hashes for spoofed challenges to recover the first 7 characters of the original password.

2) Winamp 5.32 has been released. This release does not appear to be in response to any security issues however.

No comments:

Post a Comment