:-) Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls **Who is John Galt?** > -----Original Message----- > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > Sent: Saturday, November 05, 2005 11:53 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: FYI: FW: Cisco Secret 5 and John > Password Cracker > > http://www.ISAserver.org > > Don't tell Tony... > He'll start up about his > blind-ip-spoofing-based-exch-isa-server-publishing-local-host- > spam-attac > k-and-a-bag-o-chips dissertation again... > > -----Original Message----- > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] > Sent: Saturday, November 05, 2005 9:41 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] FYI: FW: Cisco Secret 5 and John Password Cracker > > http://www.ISAserver.org > > Cain & Abel is a password recovery tool for Microsoft > Operating Systems. > It allows easy recovery of various kind of passwords by sniffing the > network, cracking encrypted passwords using Dictionary, > Brute-Force and > Cryptanalysis attacks, recording VoIP conversations, decoding > scrambled > passwords, revealing password boxes, uncovering cached passwords and > analyzing routing protocols. > > The program does not exploit any software > vulnerabilities or bugs that could not be fixed with little effort. It > covers some security aspects/weakness present in protocol's standards, > authentication methods and caching mechanisms; its main purpose is the > simplified recovery of passwords and credentials from various sources, > however it also ships some "non standard" utilities for Microsoft > Windows users. > > Cain & Abel has been developed in the hope that it will be useful for > network administrators, teachers, security consultants/professionals, > forensic staff, security software vendors, professional penetration > tester and everyone else that plans to use it for ethical reasons. The > author will not help or support any illegal activity done with this > program. Be warned that there is the possibility that you will cause > damages and/or loss of data using this software and that in no events > shall the author be liable for such damages or loss of data. Please > carefully read the License Agreement included in the program before > using it. > > The latest version is faster and contains a lot of new > features like APR > (Arp Poison Routing) which enables sniffing on switched LANs and > Man-in-the-Middle attacks. The sniffer in this version can > also analyze > encrypted protocols such as SSH-1 and HTTPS, and contains filters to > capture credentials from a wide range of authentication > mechanisms. The > new version also ships routing protocols authentication monitors and > routes extractors, dictionary and brute-force crackers for all common > hashing algorithms and for several specific authentications, > password/hash calculators, cryptanalysis attacks, password > decoders and > some not so common utilities related to network and system security. > > -----Original Message----- > From: Unknown User [mailto:9nkn0wn@xxxxxxxxx] > Sent: Thursday, November 03, 2005 10:27 AM > To: pen-test@xxxxxxxxxxxxxxxxx > Subject: Cisco Secret 5 and John Password Cracker > > Hi > > I have recovered some cisco passwords that are encrypted using the > secret 5 format. They look like this > > $1$Wgqc$sbb8R/2rtOhc7t86J5axj. > > The question is can i simply plug this into a standard unix type > shadow file format and use john to crack. I've tried this but I'm not > convinced that John is actually working. Its also incrediblly slow. > Any other tools available to crack these types of passwords. > > Thanks > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > jim@xxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > All mail to and from this domain is GFI-scanned. > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: tshinder@xxxxxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > >