This post is intended for users who forgot the root password or can’t use it due to other problems (a corrupted /etc/passwd file or whatever). It can also be used to gain unauthorized access to Linux machines, but don’t do that.
What to do
Boot using a recovery CD or DVD.
Mount the drive
mount /dev/sda2 /mnt
Replace the existing root password with an empty one
sed -i '/^root:/s/.*:root:/root::0:0:root:/' /mnt/etc/passwd
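A defender-side check for the state the sed edit above leaves behind, added here as an example and not part of the original post. The function name audit_empty_passwords and the sample account data are constructed for illustration.

```shell
#!/bin/sh
# Added example: report accounts that can log in without a password.
# Usage: audit_empty_passwords PASSWD_FILE [SHADOW_FILE]
audit_empty_passwords() {
    passwd_file=$1
    shadow_file=${2:-}

    # Per passwd(5), an empty second field means no password is required
    # for that login. This is exactly what the sed edit produces for root.
    awk -F: '$1 !~ /^#/ && NF >= 7 && $2 == "" { print "passwd-empty:" $1 }' \
        "$passwd_file"

    # A second UID 0 account is a common leftover of offline tampering.
    awk -F: '$1 !~ /^#/ && $3 == 0 && $1 != "root" { print "extra-uid0:" $1 }' \
        "$passwd_file"

    # "x" in passwd defers to shadow; an empty hash field there is just as open.
    if [ -n "$shadow_file" ] && [ -r "$shadow_file" ]; then
        awk -F: 'NR == FNR { if ($2 == "x") deferred[$1] = 1; next }
                 ($1 in deferred) && $2 == "" { print "shadow-empty:" $1 }' \
            "$passwd_file" "$shadow_file"
    fi
}

# Constructed sample files (not taken from any real system): root blanked as
# by the sed edit, an extra UID 0 account, and a user with an empty shadow hash.
sample_dir=$(mktemp -d)
trap 'rm -rf "$sample_dir"' EXIT
printf '%s\n' \
    'root::0:0:root:/root:/bin/bash' \
    'daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin' \
    'alice:x:1000:1000:Alice:/home/alice:/bin/bash' \
    'toor:x:0:0:toor:/root:/bin/sh' > "$sample_dir/passwd"
printf '%s\n' \
    'root:!:19000:0:99999:7:::' \
    'daemon:*:19000:0:99999:7:::' \
    'alice::19000:0:99999:7:::' \
    'toor:$6$constructed$hash:19000:0:99999:7:::' > "$sample_dir/shadow"

audit_empty_passwords "$sample_dir/passwd" "$sample_dir/shadow"
```

Run it against /etc/passwd and /etc/shadow as root after any unexplained reboot or console access; any output line deserves investigation.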
Malicious people don’t target only big corporate wireless networks. If you have a Wi-Fi network at home or in a small office, your network might be attractive too. Malicious people might use unprotected or weakly protected networks as hubs for malicious and illegal activities. From an unprotected or weakly protected wireless network, they can attack credit card systems and netbanks, and then all the illegal activities seem to originate from your IP address and your home or small office.
Therefore, all wireless networks should be protected with encryption.
Minimum Protection
Use WPA or WPA2 encryption (not WEP encryption; it is proven to be insecure and weak).
If your wireless network devices do not support WPA or WPA2, then use WEP with a minimum of 128 bits, enable MAC address filtering (available in most SOHO routers), and use VPN-based encryption whenever possible.
THC-Hydra – the best parallelized login hacker: for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more.
Download THC-Hydra, extract and compile
wget http://freeworld.thc.org/releases/hydra-5.4-src.tar.gz
tar zxvf hydra-5.4-src.tar.gz
cd hydra-5.4-src
./configure --disable-xhydra --prefix=$HOME/bin
make
make install
Hydra v5.4 [http://www.thc.org] (c) 2009 by van Hauser / THC
Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e ns]
[-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-f] [-s PORT] [-S] [-vV]
server service [OPT]
Options:
-R restore a previous aborted/crashed session
-S connect via SSL
-s PORT if the service is on a different default port, define it here
-l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE
-p PASS or -P FILE try password PASS, or load several passwords from FILE
-e ns additional checks, "n" for null password, "s" try login as pass
-C FILE colon seperated "login:pass" format, instead of -L/-P options
-M FILE server list for parallel attacks, -T TASKS sets max tasks per host
-o FILE write found login/password pairs to FILE instead of stdout
-f exit after the first found login/password pair (per host if -M)
-t TASKS run TASKS number of connects in parallel (default: 16)
-w TIME defines the max wait time in seconds for responses (default: 30)
-v / -V verbose mode / show login+pass combination for each attempt
server the target server (use either this OR the -M option)
service the service to crack. Supported protocols: [telnet ftp pop3 imap smb
smbnt http https http-proxy cisco cisco-enable ldap mssql mysql nntp vnc rexec
socks5 snmp cvs icq pcnfs sapr3 ssh2 smtp-auth]
OPT some service modules need special input (see README!)
Use HYDRA_PROXY_HTTP/HYDRA_PROXY_CONNECT and HYDRA_PROXY_AUTH env for a proxy.
Hydra is a tool to guess/crack valid login/password pairs - use allowed only for
legal purposes! If used commercially, name and web address must be mentioned in
the report. You can always find the newest version at http://www.thc.org
Carwhisperer is a new tool that allows people equipped with a Linux laptop and a directional antenna to inject audio into, and record audio from, passing cars that have an unconnected Bluetooth hands-free unit running. This works because many manufacturers use a standard passkey, which is often the only authentication needed to connect.
This tool lets you interact with other drivers when travelling, or may be used to talk to that pushy Audi driver right behind you. It also allows eavesdropping on conversations inside the car by accessing the microphone.
Installation Guidelines
Install libbluetooth-dev
sudo aptitude install libbluetooth-dev
Download Carwhisperer, untar and compile carwhisperer
wget http://trifinite.org/Downloads/carwhisperer-0.2.tar.gz
tar zxvf carwhisperer-0.2.tar.gz
cd carwhisperer-0.2
make
Download simple passkey agent
A simple passkey agent is needed: one written to automatically return PIN code 0000 to all Bluetooth PIN requests.
First, let me remind you that Windows security is very bad in relation to password storage, so it is very easy to recover / crack / hack your own Windows administrator password (remember that you should only crack your own accounts, and not other users’ accounts without having the necessary permissions).
The tool we are going to use is called Ophcrack, which is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.
How to perform the actual password crack / recovery / hack
When Ophcrack finishes booting (it takes a while, so be patient), you’ll see a list of all of the accounts available in your Windows installation. Click on Launch to initialize the cracking process.
As Ophcrack starts working, you’ll see several strange letter combinations appearing in the LMpasswd1 and LMpasswd2 fields.
I’m really impressed by the ease and speed that Ophcrack delivers. I managed to crack / hack / recover my Windows admin password in just 30 minutes, even though I used a password generator to generate a “secure” 8-letter alphanumeric password.
From time to time someone sends me password-protected Microsoft Excel spreadsheets (xls files). Getting xls files is in itself bothersome, but that’s the way the world of IT is today; hopefully more and more home and business users will discover the OpenOffice productivity suite in the future. But getting password-protected xls files is just incredibly annoying – first of all it tells you that the person who just sent you the spreadsheet doesn’t have a clue about security matters, since protection techniques of that type are of no real use. They are simply too easy to crack, but again – why protect a document at all…
Howto Crack And Get Rid Of The “Password Protection” / “Recover” The Spreadsheet on Ubuntu
In order to perform the crack / recovery, we are going to use a small utility called xlcrack. xlcrack recovers lost or forgotten passwords from XLS files such as those created by Microsoft Excel. Some newer XLS files are not suitable for password recovery using this software.
Install libgsf-1
sudo aptitude install libgsf-1-dev
Download and compile xlcrack
wget -O xlcrack-1.2.tar.gz http://freshmeat.net/urls/1d5772c1c5bea2854e1d04b29f1f772a
tar zxvf xlcrack-1.2.tar.gz
cd xlcrack-1.2
make
This video shows Aircrack running on an iPod Touch/iPhone.
Getting the actual network data capture onto the iPhone / iPod is not shown, so capturing the needed IVs isn’t possible yet, but according to the author of the video, capturing of IVs will be available soon. The video therefore just shows that it is possible to crack WEP with an iPod Touch or iPhone using pre-captured IVs. It will be interesting to see the next step.