airdecap-ng
pcap-webcrypt
w dystrybucji bt jest narzedzie to tworzenia wlasnego slownika:
Kod:
debian:/mnt/ntfs/pentest/password/wyd# cat README
-[ wyd.pl ]-
[ About ]
In current IT security environments, files and services are often
password protected. In certain situation it is required to get
access to files and/or data even when they are protected and
the password is unknown.
wyd.pl was born out of those two of situations:
1. A penetration test should be performed and the default
wordlist does not contain a valid password
2. During a forensic crime investigation a password protected
file must be opened without knowing the the password.
The general idea is to personalize or profile the available
data about a "target" person or system and generate a wordlist
of possible passwords/passphrases out of available informations.
Instead of just using the command 'strings' to extract all the
printable characters out of all type of files, we wanted to
eliminate as much false-positives as possible. The goal was to
exlude as much "unusable" data as possible to get an effective
list of possible passwords/passphrases.
[ Options ]
Usage: wyd.pl [OPTIONS] <file(s)|directory>
Possible OPTIONS are:
-o <file> = The file where all extracted words will be written
to. If omitted, all words gets printed to STDOUT.
-t = Create separate files for each type. This option
required the -o <file> and creates single files
for each type. E.g. when <file> = 'list.txt'
and there are words found in MP3, plain-text and
HTML files, 'list.txt.mp3', 'list.txt.plain' and
'list.txt.html' will be created.
-s <min-len> = When you have a lot of unsupported file formats,
which are not ascii based, you can use this option
to parse all unknown filetypes using the UNIX command
'strings'. The parameter <min-len> is a number which
defines the minimum length of a printable sequence
of characters. All shorter sequences will be ignored.
The problem with 'strings' is, that it will detect a
lot of useless "false-positives".
-b = Disable the removal of non-alpha chars at start of word
By default all non-alpha numeric characters at the
beginning of a word are removed.
-e = Disable the removal of non-alpha chars at end of word
By default all non-alpha numeric characters at the
end of a word are removed.
-f = Disable inclusion of filenames (without extensions) in wordlist
By default, the filenames itself are also included in the
wordlist as they may contain product/project names, names
of songs (which do not have an IDv1/IDv3 tag), e.g.
-v = Enable debugging/verbose mode
-n = Do not wait for user input on missing modules/programs, just
continue
<file(s)|directory> can be either a single file or directory or a list
of files/directories.
[ Supported file types ]
At the moment the following file types are supported:
* plain
* html
* php (partially, no source scripts)
* doc
* ppt
* mp3
* pdf
* jpeg
* odt/ods/odp
Additionally all unknown files with MIME type text/plain are
processed using the plain module.
[ Examples usages ]
See 'docs/example-usage.txt'.
[ Writing modules ]
Seee 'docs/writing_modules.txt'
[ Licence ]
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
See 'docs/gpl.txt' for more information.
[ Authors ]
Max Moser <[email protected]>
Martin J. Muench <[email protected]>
http://www.remote-exploit.org
[ Contributors ]
Harl <[email protected]>
Joshua D. Abraham <[email protected]>
debian:/mnt/ntfs/pentest/password/wyd#
dodatkowo zawsze mozna lamac same kombinacje numeryczne metoda bf np tym narzedziem:
http://wklej.org/hash/e45df276857/txt/