[Hashcat v0.45] Advanced Password Recovery

* changes v0.44 -> v0.45:

Release with some new algorithms:

• AIX smd5
• AIX ssha1, ssha256, ssha512
• GOST R 34.11-94

We managed also to fix some bugs and implement some additional feature requests

Full changelog:

type: feature

file: hashcat-cli
desc: show status screen also when all hashes were recovered AND add start/stop time too

type: feature
file: hashcat-cli
desc: added -m 6300 = AIX {smd5}
cred: philsmd

type: feature
file: hashcat-cli
desc: added -m 6400 = AIX {ssha256}
cred: philsmd

type: feature
file: hashcat-cli
desc: added -m 6500 = AIX {ssha512}
cred: philsmd

type: feature
file: hashcat-cli
desc: added -m 6700 = AIX {ssha1}
cred: philsmd

type: feature
file: hashcat-cli
desc: added -m 6900 = GOST R 34.11-94
cred: Xanadrel

type: feature
file: hashcat-cli
desc: dropped predefined charsets ?h, ?F, ?G and ?R
trac: #55

type: feature
file: hashcat-cli
desc: added a collection of language-specific charset-files for use with masks
trac: #55

type: feature
file: hashcat-cli
desc: changed the E rule to lowercase all input before processing, its more intuitive
trac: #110

type: feature
file: rules
desc: added a more more complex leetspeak rules file from unix-ninja
trac: #112

type: feature
file: hashcat-cli
desc: changed outfile opts to line up with OCL style
trac: #120

type: feature
file: hashcat-cli
desc: --remove in combination w/ external salts should output plain hash files only (no salt)
trac: #153

type: bug
file: hashcat-cli
desc: fix progress line in status screen when all hashes were recovered

type: bug
file: hashcat-cli
desc: fix for some possible memory overflow problems

type: bug
file: hashcat-cli
desc: an external salt sort failure caused some hashes not to be checked against the digests
trac: #74

type: bug
file: hashcat-cli
desc: fixed a null-pointer dereference that can lead to a segmentation fault
trac: #104

type: bug
file: hashcat-cli
desc: fixed a bug if hashlist contains words with ascii character code >= 0x80
trac: #108

Download Hashcat v0.45

[Aircrack-ng 1.2 Beta 1] 802.11 WEP and WPA-PSK keys cracking tool

Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools.

Changelog summary

• Compilation fixes on all supported OSes.
• Makefile improvement and fixes.
• A lot of fixes and improvements on all tools and documentation.
• Fixed licensing issues.
• Added a few new tools and scripts (including distributed cracking tool).
• Fixed endianness and QoS issues.

Detailed changelog

* Airmon-ng: Added chipset information for ar9170usb, wl, rt2800usb, ar9271, wl12xx, RT3070STA, ath9k_htc, r871x_usb_drv, ath5k, carl9170 and various Intel drivers.
* Airmon-ng: Fixed chipset information ipw2200.
* Airmon-ng: Fixed output for r8187 driver.
* Airmon-ng: Improved chipset information for a few drivers.
* Airmon-ng: Support for displaying information about ath9k.
* Airmon-ng: Added 'check kill' to automatically kill services that could interfere.
* Airmon-ng: Fixed issues with Intel chipsets detection.
* Airmon-ng: Updated iw download link.
* Airmon-ng: Better mac80211 handling
* Airmon-ng: Added detection for WiLink TI driver, rtl819xU, iwlwifi.
* Airmon-zc: Improved version of Airmon-ng with more detailled information.
* Airdecap-ng: Fixed decoding QoS frames (Closes: #667 and #858).
* Airgraph-ng: Use Aircrack-ng Makefile instead of its own.
* Airbase-ng: Fixed bug using clients list.
* Airbase-ng: Fixed issue with QoS (ticket #760).
* Airbase-ng: Fixed sending beacons with null SSID.
* Airbase-ng: Allow non ASCII ESSID
* Airodump-ng: Fixed buffer overflow (ticket #728).
* Airodump-ng: Fixed channel parsing.
* Airodump-ng: Fixed FreeBSD battery reading.
* Airodump-ng: Renamed "Packets" column to "Frames" ("Packets" was not correct).
* Airodump-ng: Fixed XML bugs when outputting NetXML: ESSID containing '&' or chinese characters, when multiple encryption are used.
* Airodump-ng: Add alternative paths for Airodump-ng OUI file.
* Airodump-ng: Added GPSd 2.92+ support (JSON).
* Airodump-ng: Add option --manufacturer to display manufacturer column on airodump-ng.
* Airodump-ng: Add feature to show APs uptime (--uptime) based on the timestamp.
* Airodump-ng-OUI-update: Fixed OUI URL and allow CURL redirect (ticket #829).
* Airdrop-ng: removed .py from file names.
* Airdrop-ng: Fixed bug in installer.
* Airdrop-ng: Fixed OUI lookup.
* Airdrop-ng: Fixed bug when several BSSID have the same ESSID.
* Airdrop-ng: Doesn't constantly parse anymore, wait 5 seconds each time it parses.
* Airdrop-ng: Fixed crash when failing to get channel or when rules file didn't exist.
* Airdrop-ng: Fixed to use lorcon.py/lorcon2 libs.
* Airdrop-ng: Updated README.
* Airdrop-ng: Fixed error preventing update to work.
* Versuck-ng: New script to do the same thing as the kismet autowep plugin from the CLI.
* Aircrack-ng: Fixed counter display error when cracking WPA.
* Aircrack-ng: Added output of the WPA handshake to EWSA project file.
* Aircrack-ng: Added output of the WPA handshake to oclhashcat+ project file.
* Aircrack-ng: Added benchmark option, -S.
* Aircrack-ng: Fixed -u option.
* Aircrack-ng: PIC fix for hardened systems from Francisco Blas Izquierdo Riera (klondike)
* Aircrack-ng: Allow dictionaries larger than 2Gb.
* Aircrack-ng: Give a better message when there's an error with the dictionary.
* Aircrack-ng: Prevent a buffer overflow from happening (Wojciech Waga).
* Aireplay-ng: Added migration mode attack from Leandro Meiners and Diego Sor from Core Security (BlackHat Las Vegas 2010)
* Aireplay-ng, Airodump-ng: Added option to ignore issue with -1 channel.
* Airserv-ng: Fixed crash when clients disconnect.
* Besside-ng-crawler: Added EAPOL Crawler.
* Airdecloak-ng: Fixed bug when using pcap files with PPI headers.
* dcrack: Distributed cracking server/client
* wifi-detect.sh: reference script for testing wifi card detection using iwconfig vs ls /sys/class/net
* WPA Clean: Tool to merge and clean WPA capture files.
* Wireless Panda: C# Library to parse Airodump-ng output files (and added example project).
* OSdep (Linux): Setting fixed bitrates on mac80211 2.6.31 and up.
* OSdep (Linux): Added support for nl80211 thanks to impulse32. Use 'make libnl=true' to add netlink support (Ticket #1004).
* Manpages: Improvement and fixes for Airgraph-ng, Airodump-ng, packetforge-ng, Aircrack-ng
* Manpages: Fixed various spelling issues and single quote issues.
* Makefiles: Added tests for the different tools.
* Makefiles: Various fixes and improvements.
* Makefiles: Added support for libgrypt instead of OpenSSL via parameter.
* Patches: Added a few patches.
* Removed useless script: patchchk.
* Finally fixed licensing issues.
* Fixed endianness issues in most of the tools.
* Fixed cppcheck errors (Ticket #957).
* Fixed various compilation issues on Linux and Cygwin, GNU/Hurd, Darwin (OSX) and Sparc.
* Fixed compilation on recent gcc versions on Linux, Cygwin.
* Added instructions for Travis CI: Free Hosted Continuous Integration Platform for the Open Source Community.
* Added Readme.Md for GitHub. Aircrack-ng subversion repository is synced on GitHub: http://github.com/aircrack-ng/aircrack-ng
* Various other small bug fixes.

Download Aircrack-ng 1.2 beta 1

[Salted Hash Kracker v1.0] Tool to recover the Password from Salted Hash text

Salted Hash Kracker is the free all-in-one tool to recover the Password from Salted Hash text.

These days most websites and applications use salt based hash generation to prevent it from being cracked easily using precomputed hash tables such as Rainbow Crack. In such cases, 'Salted Hash Kracker' will help you to recover the lost password from salted hash text.

It also allow you to specify the salt position either in the beginning of password(salt+password) or at the end of the password (password+salt). In case you want to perform normal hash cracking without the salt then just leave the 'Salt field' blank.

Currently it supports password recovery from following popular Hash types

• MD5
• SHA1
• SHA256
• SHA384
• SHA512

It uses dictionary based cracking method which makes the cracking operation simple and easier. You can find good collection of password dictionaries (also called wordlist) here & here

It is fully portable and works on all Windows platforms starting from Windows XP to Windows 8.

Download Salted Hash Kracker v1.0

[Hash Kracker Console] Tool to find out the password from the Hash

Hash Kracker Console is the all-in-one command-line tool to find out the password from the Hash.

Currently it supports password recovery from following popular Hash types

• MD5
• SHA1
• SHA256
• SHA384
• SHA512

Also it offers 4 types of Password Recovery methods based on the complexity of password

• Dictionary Crack
• Hybrid Crack
• Brute-force Crack
• Pattern based Brute-force Crack

Being a command-line makes it faster and easy for automation. It is fully portable tool and includes installer also.

It works on wide range of platforms starting from Windows XP to Windows 8.

Download Hash Kracker Console v1.0
More

[oclHashcat-lite v0.15] Worlds fastest NTLM, MD5, SHA1, SHA256 and Descrypt Cracker

Features

• Worlds fastest NTLM, MD5, SHA1, SHA256 and descrypt cracker
• Free
• Multi-GPU (up to 128 gpus)
• Multi-OS (Linux & Windows native binaries)
• Multi-Platform (OpenCL & CUDA support)
• Multi-Algo (see below)
• Low resource utilization, you can still watch movies or play games while cracking
• Focuses one-shot, lightweight hashes
• Supports mixed GPU types
• Supports markov attack
• Supports mask attack
• Supports distributed cracking
• Supports pause / resume while cracking
• Supports sessions
• Supports restore
• Supports hex-salt
• Supports hex-charset
• Integrated thermal watchdog
• ... and much more

Algorithms

• MD5
• md5($pass.$salt)
• Joomla
• SHA1
• nsldap, SHA-1(Base64), Netscape LDAP SHA
• sha1($pass.$salt)
• nsldaps, SSHA-1(Base64), Netscape LDAP SSHA
• Oracle 11g
• MSSQL(2000)
• MSSQL(2005)
• MySQL
• MD4
• md4($pass.$salt)
• NTLM
• Domain Cached Credentials, mscash
• SHA256
• sha256($pass.$salt)
• descrypt, DES(Unix), Traditional DES
• SHA512
• sha512($pass.$salt)
• Cisco-PIX MD5
• Double MD5
• vBulletin < v3.8.5
• vBulletin > v3.8.5
• IPB2+, MyBB1.2+
• LM
• Oracle 7-10g, DES(Oracle)
• SHA-3(Keccak)
• Half MD5
• NetNTLMv1-VANILLA / NetNTLMv1+ESS
• NetNTLMv2
• Cisco-IOS SHA256

Download here: http://hashcat.net/oclhashcat-lite/

type: driver

file: host programs
desc: added support for AMD ADL v5.0 library

type: feature
file: hashcat-cli
desc: added mode -m 5500 = NetNTLMv1-VANILLA / NetNTLMv1+ESS
trac: #51
trac: #96

type: feature
file: hashcat-cli
desc: added mode -m 5600 = NetNTLMv2
trac: #56

type: feature
file: kernels
desc: added -m 5700 = Cisco-IOS SHA256
cred: philsmd

type: feature
file: kernels
desc: modified -m 5100 = Half MD5 so that it accepts only 16 byte input, see next change why
trac: #89

type: feature
file: kernels
desc: modified -m 5100 = Half MD5 so it can crack middle and right portions, too (not just left)
trac: #89

type: bug
file: kernels
desc: fixed bug in NVidia version had to switch back to bitness-depending kernels

type: bug
file: kernels
desc: fixed bug in NVidia version writing to constant memory from kernel isnt allowed

type: bug
file: hashcat-cli
desc: fixed bug in benchmark-mode, do not run MD5 again at end

type: bug
file: hashcat-cli
desc: fixed bug in benchmark-mode, Memory stepping when doing a benchmark
trac: #57

[oclHashcat-plus v0.14] Worlds fastest md5crypt, phpass, mscash2 and WPA/WPA2 cracker

Features

• Worlds fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker
• Worlds first and only GPGPU based rule engine
• Free
• Multi-GPU (up to 128 gpus)
• Multi-Hash (up to 15 million hashes)
• Multi-OS (Linux & Windows native binaries)
• Multi-Platform (OpenCL & CUDA support)
• Multi-Algo (see below)
• Low resource utilization, you can still watch movies or play games while cracking
• Focuses highly iterated modern hashes
• Focuses single dictionary based attacks
• Supports mask attack
• Supports distributed cracking
• Supports pause / resume while cracking
• Supports sessions
• Supports restore
• Supports reading words from file
• Supports reading words from stdin
• Supports hex-salt
• Supports hex-charset
• Integrated thermal watchdog
• 30+ Algorithms implemented with performance in mind
• ... and much more

Attack-Modes

• Straight ^*
• Combination
• Brute-force
• Hybrid dict + mask
• Hybrid mask + dict

Download here: http://hashcat.net/oclhashcat-plus/

type: driver
file: host programs
desc: added support for AMD ADL v5.0 library

type: feature
file: hashcat-cli
desc: added mode -m 5500 = NetNTLMv1-VANILLA / NetNTLMv1+ESS
trac: #51
trac: #96

type: feature
file: hashcat-cli
desc: added mode -m 5600 = NetNTLMv2
trac: #56

type: feature
file: kernels
desc: added -m 5700 = Cisco-IOS SHA256
cred: philsmd

type: feature
file: kernels
desc: modified -m 5100 = Half MD5 so that it accepts only 16 byte input, see next change why
trac: #89

type: feature
file: kernels
desc: modified -m 5100 = Half MD5 so it can crack middle and right portions, too (not just left)
trac: #89

type: bug
file: kernels
desc: fixed bug in NVidia version had to switch back to bitness-depending kernels

type: bug
file: kernels
desc: fixed bug in NVidia version writing to constant memory from kernel isnt allowed

[Hashcat v0.44] Advanced Password Recovery

Features

• Multi-Threaded
• Free
• Multi-Hash (up to 24 million hashes)
• Multi-OS (Linux, Windows and OSX native binaries)
• Multi-Algo (MD4, MD5, SHA1, DCC, NTLM, MySQL, ...)
• SSE2 accelerated
• All Attack-Modes except Brute-Force and Permutation can be extended by rules
• Very fast Rule-engine
• Rules compatible with JTR and PasswordsPro
• Possible to resume or limit session
• Automatically recognizes recovered hashes from outfile at startup
• Can automatically generate random rules
• Load saltlist from external file and then use them in a Brute-Force Attack variant
• Able to work in an distributed environment
• Specify multiple wordlists or multiple directories of wordlists
• Number of threads can be configured
• Threads run on lowest priority
• Supports hex-charset
• Supports hex-salt
• 30+ Algorithms implemented with performance in mind
• ... and much more

Attack-Modes

• Straight ^*
• Combination ^*
• Toggle-Case
• Brute-Force
• Permutation
• Table-Lookup

Download here: http://hashcat.net/hashcat/

type: feature

file: hashcat-cli
desc: added mode -m 9999 = Plaintext
trac: #45

type: feature
file: hashcat-cli
desc: added mode -m 5500 = NetNTLMv1 + ESS
trac: #96

type: feature
file: kernels
desc: added -m 5700 = Cisco-IOS SHA256
cred: philsmd

type: change
file: hashcat-cli
desc: changed the hash-format for NetNTLMv1 and NetNTLMv2 to .lc format
cred: #98

type: bug
file: hashcat-cli
desc: fixed bug in 32 bit version, did not crack -m 1800 sha512crypt
trac: #92

type: bug
file: hashcat-cli
desc: fixed bug in NetNTLMv2 parser
trac: #95

[Hashkill 0.3.1] Password Cracker Tool Released

 Hashkill is an opensource hash cracker for Linux that uses OpenSSL. Currently it supports 4 attack methods (dictionary, bruteforce, hybrid).

Hashkill has 35 plugins for different types of passwords (ranging from simple hashes like MD5 and SHA1 to passworded ZIP files and private SSL key passphrases).

Multi-hash support (you may load hashlists of length up to 1 million) and very fast GPU support on Nvidia (compute capability 2.1 cards also supported) and ATI (4xxx, 5xxx and 6xxx).

The latest update includes 9 new plugins: bfunix, drupal7, django256, sha256unix, mssql-2012, o5logon, msoffice-old, msoffice, luks. Of them msoffice-old is currently supported on CPU only, the rest are GPU-accelerated. Improved bitmaps handling in non-salted kernels addded, so that huge hashlists would be cracked at faster speeds. Now Thermal monitoring can now be disabled using -T 0 command-line argument.

Download Hashkill 0.3.1

[Wifite] Automated Way To Crack Wep

How crcak WEP key using Wifite


This tool is very easy to use and very powerful if one attack method won’t work so the will start working on the next attack and the best thing is this tool is fully automatic and powerful.

[Fcrackzip] Romper Contraseñas de archivos *.zip

La utilidad de este programa es mas bien simple, se basa en atackes con diccionario o con fuerza bruta para obtener la clave de un archivo .zip . Es muy parecido en uso y funcion a crark, asi que si habeis usado este no nos estrañara mucho la forma de usarlo.

Para compilarlo desde los repositorios seria:

sudo apt-get install fcrackzip
o lo podemos descargar y compilar desde AQUI .

Y ahora intentare detallar el modo de uso y las opciones disponibles que nos ofrece este programa:

fcrackzip [-bDBchVvplum2] [--brute-force] [--dictionary] [--benchmark] [--charset characterset] [--help] [--validate] [--verbose] [--init-password string/path] [--length min-max] [--use-unzip] [--method name] [--modulo r/m] file…

Opciones:

-H , -help : Imprime el numero de version y (con suerte) algunas ideas utiles -V , -verbose : hace el programa mas detallado.
-B , -brute-force : Utiliza la fuerza bruta con los parametros que detallemos. -D , -dictionary : leera un diccionario seleccionado por nosotros el cual solo puede contener una palabra por linea.
-C , -charset -charset-set-specification : selecciona los caracteres a usar en un ataque de fuerza bruta

- a - incluira todas las letras en minusculas [abc...]
- A - incluira todas las letras en mayusculas [ABC...]
- 1 - usara solamente numeros [ 1234567890 ]
- ! - usara solo caracteres especiales [ !:$%&/()=?[]+*~# ]
- : - tendra en cuenta los caracteres que especifiquemos siempre y cuando no sean binarios null (al menos bajo unix).

Por ejemplo, a1: $% selecciona los caracteres en minúsculas, dígitos, el dólar y el signo de porcentaje

- P , -init-password string - permite seleccionar el inicio de la contraseña (en el caso en que lo sepamos) tanto en modo de fuerza bruta como en modo de diccionario.
- L , -length min[-max] : Indicamos la longitud de la contraseña o desde cuantos cararteres tiene que empezar y en cuantos terminar.
- U , --use-unzip : esta opcion intenta descomprimir el archivo al encontrar la contraseña para evitar falsos positivos.
- M , --method name : Usa el metodo numero "nombre" en lugar del metodo predeterminado, puedes usar --help para ver los metodos disponibles.
- 2 , --modulo r/m : calcula solo el r/m de la clave. - B , --benchmark : poner una pequeña referencia.
- V , --validate : hacer comprobaciones sobre el archivo.

Unos ejemplos:fcrackzip-ca-p sample.zip aaaaaa
- selecciona la longitud y que use los carateres en minusculas
fcrackzip --method cpmask --charset A --init AAAA test.ppm
- comprueba test.pmm para cuatro caracteres. -TP fcrackzip -D -p passwords.txt sample.zip verifica cada contraseña que se encuentre en el archivo password.txt

Este programa promete ser rapido pero no especifica que equipo minimo hace falta para ello asi que espero que os valla bien.

[Fuente]

[Hydra v 7.4] Fast Network cracker

One of the biggest security holes are passwords, as every password security study shows. A very fast network logon cracker which support many different services, THC-Hydra is now updated to 7.4 version.

Hydra available for Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, Currently supports AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

Change Log

• New module: SSHKEY - for testing for ssh private keys (thanks to deadbyte(at)toucan-system(dot)com!)
• Added support for win8 and win2012 server to the RDP module
• Better target distribution if -M is used
• Added colored output (needs libcurses)
• Better library detection for current Cygwin and OS X
• Fixed the -W option
• Fixed a bug when the -e option was used without -u, -l, -L or -C, only half of the logins were tested
• Fixed HTTP Form module false positive when no answer was received from the server
• Fixed SMB module return code for invalid hours logon and LM auth disabled
• Fixed http-{get|post-form} from xhydra
• Added OS/390 mainframe 64bit support (thanks to dan(at)danny(dot)cz)
• Added limits to input files for -L, -P, -C and -M - people were using unhealthy large files! ;-)
• Added debug mode option to usage (thanks to Anold Black)

Download Hydra v 7.4 Fast Network cracker

[FTP Password Kracker] Crack FTP password

FTP Password Kracker is a free software to recover your lost FTP password directly from server. It uses brute-force password cracking method based on universal FTP protocol and can recover password from any FTP server.

It automatically detects and alerts you if the target FTP server allows any Anonymous (without password) connections. In case your FTP server is running on different port (other than port 21) then you can easily specify the same in the tool along with server IP address.

By default it includes sample dictionary (password list) file for password cracking. However you can find good collection of password dictionaries (also called wordlists) here & here.

If your password is complex then you can use tools like Crunch, Cupp to generate brute-force based or any custom password list file and then use it with 'FTP Password Kracker'.

For penetration testers and forensic investigators, it can be very handy tool in discovering poorly configured FTP accounts.

It works on both 32 bit & 64 bit windows systems starting from Windows XP to Windows 8.

Here are the main benefits of FTP Password Kracker:

• Free tool to recover the lost FTP password
• Works against any FTP server.
• Automatically remembers last used settings
• Option to specify non-standard FTP port.
• Uses siimple & quicker Dictionary Crack method
• Displays detailed statistics during Cracking operation
• Stop the password cracking operation any time.
• Generate Password Recovery report in HTML/XML/TEXT format.
• Includes Installer for local Installation & Uninstallation.

How to use? 

It is very easy to use tool for any generation of users.

Here are simple steps:

• Install 'FTP Password Kracker' on any system.
• Enter the IP Address & Port number (default 21) of the FTP Server.
• Then enter the username (Example: admin, anonymous etc)
• Next select the password dictionary file by clicking on Browse button or simply drag & drop it. You can find a sample dictionary file in the installed location.
• Finally click on 'Start Crack' to start the FTP Password recovery.
• During the operation, you will see all statistics being displayed on the screen. Message box will be displayed on success.
• At the end, you can generate detailed report in HTML/XML/Text format by clicking on 'Report' button and then select the type of file from the drop down box of 'Save File Dialog'.

Download FTP Password Kracker
License  : Freeware
Platform : Windows XP, 2003, Vista, Win7, Win8
More Info

[Wifi Honey] Creates fake APs using all encryption

This is a script, attack can use to creates fake APs using all encryption and monitors with Airodump. It automate the setup process, it creates five monitor mode interfaces, four are used as APs and the fifth is used for airdump-ng. To make things easier, rather than having five windows all this is done in a screen session which allows you to switch between screens to see what is going on. All sessions are labelled so you know which is which.

Installing wifi honey
chmod a+x wifi_honey.sh
./wifi_honey.sh fake_wpa_net
./wifi_honey.sh fake_wpa_net 1 waln1

Download Wifi Honey

[TCHead] TrueCrypt Password Cracking Tool

TCHead is software that decrypts and verifies TrueCrypt headers. TCHead supports all the current hashes, individual ciphers, standard volume headers, hidden volume headers and system drive encrypted headers (preboot authentication).

Brute-force TrueCrypt : However, TrueCrypt passwords go through many iterations and are strengthened. Cracking them takes time. Very strong passwords will not be cracked. Also, in addition to trying multiple passwords an attacker must try each password against each combination of hash and cipher (assuming they do not know what these are beforehand). System encrypted hard drives use only one hash and cipher, so attacking those is faster.

Testing TCHead: Create a TrueCrypt volume using the default hash and cipher (RIPEMD-160 and AES), set the password to "secret", then run TCHead against it like this and it will decrypt the header (provided that the word "secret" is in the word list)

Command : TCHead -f name_of_volume.tc -P words.txt

Decrypt hidden volumes:

Command : TCHead -f name_of_volume.tc -P words.txt --hidden

Multiple passwords (brute-force): Create or download a list of words in a text file (one word per line) using words that you think are likely to decrypt the header, then run TCHead against it like this. If the correct password is found, the header will be decrypted:

Command : TCHead -f name_of_volume.tc -P words.txt

Download TCHead