So the Juniper Netscreen/SSG ScreenOS password hash is a bit of a hidden mystery. I had in my hand the config of a Netscreen device and I wanted to perform a reverse of the password hashes to see if they were weak.

In this case here’s the line from the config:

1set admin user "admin" password "nAePB0rfAm+Nc4YO3s0JwPHtRXIHdn" privilege "all"

John The ripper has supported Netscreen passwords since back in 2008… Continue reading

So in order to teach myself how to create multi-threaded python apps I decided to have a go this morning at writing a simple MD5 bruteforcer (using a wordlist).

The way this works is that you create worker threads and each worker thread pulls an item from the queue and processes it; when finished it pulls another item from the queue and so on.

123456789101112131415161718192021222324252627282930313233343536373839#!/usr/bin/env python # import sys,Queue,threading,hashlib,os… Continue reading

So I wanted a quick way to create an MD5 sum of all the files recursively in a directory so i wrote a quick python script to do this.

Basically run the python file and provide the directory you want to check. This will create a new txt file named md5sYYYY-MM-DD-HHMM.txt containing a list of the files found along with their md5sums.

Then to check the the files run it… Continue reading

OK, so at my work place we’ve just got some new laptops and they have a proper GPU for a change (we’ve in the past had intel GPUs). I was lucky enough (or unlucky enough) to be given the job of spec’ing these laptops and my hunt was to include a decent GPU for hash cracking. I strived for an ATI chip but with budget in mind and with the… Continue reading

So Linkedin hashes have recently been leaked onto the net, and plenty of people have been cracking them. Meanwhile eHarymony passwords were also leaked!

The hashes are here and a quick download is all thats needed. wget them to prevent your browser from trying to render the entire txt file!

Throwing a dictionary at it with 80,546,115 words in it results in 22% cracked passwords.

12345678910111213141516171819202122232425262728293031$ ./oclHashcat-plus64.bin eharmony.txt -r rules/best64.rule… Continue reading