lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 16 Sep 2013 15:27:21 -0300
From: Gonzalo Camino <gonzalocamino@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: New Version of JBrute

Hey folks,

There's a new version (the second one) of JBrute, an Open Source,
multi-platform tool to "decrypt" hashed passwords
written in Java. It supports both brute-force and dictionary attack
methods, with a built-in rule pre-processor similar to
the JTR one, and it actually supports several standard algorithms and
several algorithms from propietary apps
(like Microsoft SQL Server, Oracle, SYBASE, and so on).

The change log of the current version:

v0.93:
Date: 11/09/2013
Fixes:
------
_ Error in encrypt main parameter with chained case (wrong encryption in
chained algorithms with non-default case)
_ Default character set changed to "loweralpha".
_ Now JBrute notifies you if it is using the default character set.
_ Error when format of Oracle10g hash is incorrect.
_ Error if format of PostgreSQL hash is incorrect.
_ Error if format of MSSQL-2000 hash is incorrect.
_ Error if format of MSSQL-2005 hash is incorrect.
_ Error if format of MSSQL-2012 hash is incorrect.
_ Improve performance on MYSQL-411 algorithm (3 times faster than last
implementation).
_ Changed MYSQL-411 hash format: you must not specify the '*' character at
the beginning of the hash.
_ Format of number of hashes per second in test mode changed. If number >
1000000, the last 3 digits will be replaced
with the "K" character. (so: 2500000 would be 2500K).
_ Improve performance for hashed special algorithms (by SpecialAlgorithm
class and MyMEssageDigest class).
_ Correct Sybase name algorithm (before JBrute knows it as SYSBASE-1502,
now is SYBASE-ASE1502).
_ Correct minor bug about case of username (salt) in POSTGRESQL algorithm.
_ Correct error when trying to decrypt a MD5CRYPT hash (both brute and
dictionary methods).
New Functionalities:
--------------------
_ New main parameter "--expected", that shows examples of the formats
expected for each supported algorithm.


Download page: https://sourceforge.net/projects/jbrute/files/latest/download

Homepage           - https://sourceforge.net/projects/jbrute
Blog               - https://sourceforge.net/p/jbrute/blog
Documentation      - https://sourceforge.net/p/jbrute/wiki/Home
Author             - Gonzalo Camino
License            - GNU General Public License version 3.0 (GPLv3)

Please, take a time to test it and send me comments!

Cheers,
Gonzalo.

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists