Main
Codex
Librarium Whitehat
Advisories
Blog Pics
"Inveniam viam aut faciam" : I will either find a way, or I shall make one

Adeptus-Mechanicus - BlogMe


How to install Metasploit on OSX: – Leo Ni

Metasploit is an open-source Framework, providing information security professionals with a powerful tool in developing and executing exploit code against a remote target machine, and it is becoming well known for anti-forensic, penetration testing and evasion domains.

Since Apple Mac OS X is built on FreeBSD, Metasploit should be able to run on Mac OS X, if we properly configure it. This article introduces the step-by-step working level instructions on how to install Metasploit on Mac OS X.
Address : <http://www.adeptus-mechanicus.com/codex/contrib/ln-msfapp/ln-msfapp.php>

Published by leo, on January 30th, 2013 at 3:03 am. Filled under: GeneralNo Comments

Cracking Passwords 101

A question I have gotten multiple times recently is “how do I do password cracking?”. People think they need to start with big dictionaries, clever rules, or other stuff. While that is useful, the truth is getting started is not difficult. If anything it is .. repetitive. Seriously. To show you what I mean I figured a practical demostration would be in order. So lets start with the “rootkit.com” hashlist and get “hashcat” and “john the ripper”. Now follow along and see how you do:
Address : <http://www.adeptus-mechanicus.com/codex/crkpass/crkpass.php>

Published by erich, on January 24th, 2013 at 4:13 am. Filled under: General2 Comments

Hashdumps and Passwords

15-Jan-2013: Added “Gawker” from 2010. Added “Stratfor“, “Rootkit.com” and “Project Mayhem” from 2011. Added “BKAV” from 2012. Progress across all lists. I also need to say thanks (Thanks!) to @Cronusq8-“Cronus the great” for sharing his work on the MD5 hashes.

Address : <http://www.adeptus-mechanicus.com/codex/hashpass/hashpass.php>

 

Published by erich, on January 16th, 2013 at 4:02 am. Filled under: GeneralNo Comments

Hashdumps and Passwords

30-Dec-2012: Seperated out the “double-md5-ed” hashes from Blackstar and Opisrael. Added dictionary analysis reports. Also some progress across all lists.

Address : <http://www.adeptus-mechanicus.com/codex/hashpass/hashpass.php>

Published by erich, on December 30th, 2012 at 10:48 pm. Filled under: GeneralNo Comments

John the Ripper and Hashcat – Markov Mode Comparison

Looking back at the year it seems I spent a lot of time dealing with passwords. While it was fun and enlightening, it brought home again how we start taking our tools for granted. We should always be looking at our tools to see if they can be used better or if they should be replaced. I will admit right up front, I am a great fan of both hashcat and john the ripper, and I think they are both great tools. They each excel in certain areas, but there is always a lot of debate over which is better. This intensifies when the comparison is around the implementation of the “Markov” mode attack. I will not repeat what you can find on wikipedia but in VERY simple terms it allows for better “brute forcing” after analyzing a list of already cracked passwords.

Both john the ripper and hashcat implement this, but in different ways. I wanted to see how they stacked up against one another.
Address : <http://www.adeptus-mechanicus.com/codex/jtrhcmkv/jtrhcmkv.php>

Published by erich, on December 29th, 2012 at 7:59 pm. Filled under: GeneralNo Comments

Hashdumps and Passwords

18-Dec-2012 update:  Some progress across all lists and added “Project OpIsrael” hashes and dictionary of found plaintext

Address : <http://www.adeptus-mechanicus.com/codex/hashpass/hashpass.php>

Published by erich, on December 19th, 2012 at 3:05 am. Filled under: GeneralNo Comments

Hashdumps and Passwords

Published by erich, on December 13th, 2012 at 4:13 am. Filled under: GeneralNo Comments

Metasploit and owning Windows: LANMan Rainbow cracking

Previously I have gone through using metasploit to own your windows targets. In that article we looked at the password hashes stored locally on the target and using a rainbow cracking mechanism on those hashes. Great. But that does not help you if you are targeting domain credentials. Those hashes are not stored locally on workstations. But all is not lost. We can still try something, lets start by assuming you already have exploited your target..
Address : <http://www.adeptus-mechanicus.com/codex/metalan/metalan.php>

Published by erich, on December 7th, 2012 at 4:03 am. Filled under: GeneralNo Comments

SANS Mentor SEC401 Session Toronto

I am lucky enough to be able to mentor the SANS 401 course in Toronto next year around April. And while this is partly a shameless plugging of that course, I also have no problems doing so as I have a great appreciation for the SANS courses and can recommend them. The mentor format is good for those people who cannot get time off work but still want face-to-face interaction and the course material is excellent.

I promise to work hard to not put anoyone to sleep 🙂 Seriously, take a look at the course overview, sign-up and come learn.

Mentor SEC401 Session
Toronto, ON | Thu Apr 11 – Thu Jun 13, 2013

Published by erich, on December 6th, 2012 at 9:46 pm. Filled under: GeneralNo Comments

Whats to see in BlackStar?

On November 2nd 2012, the Ghostshell hacker group released a rather large dump of records from various Russian companies. The original link is http://pastebin.com/yXN7uc6r. So being the inquisitive sort, I figured let me take a look at this dump and see what I could see.
Address : <http://www.adeptus-mechanicus.com/codex/blkstar/blkstar.php>

Published by erich, on November 19th, 2012 at 4:43 am. Filled under: GeneralNo Comments