162 matches found
[Salted Hash Kracker v1.5] Recover the Password from Salted Hash text
Salted Hash Kracker is the free all-in-one tool to recover the Password from Salted Hash text. These days most websites and applications use salt based hash generation to prevent it from being cracked easily using precomputed hash tables such as Rainbow Crack. In such cases, 'Salted Hash Kracker'...
IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval
This module identifies IPMI 2.0-compatible systems and attempts to retrieve the HMAC-SHA1 password hashes of default usernames. The hashes can be stored in a file using the OUTPUTFILE option and then cracked using hmacsha1crack.rb in the tools subdirectory as well hashcat cpu 0.46 or newer using...
CVE-2013-1800
The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for 1 YAML type...
DEBIAN-CVE-2013-1800
The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for 1 YAML type...
Type confusion
The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for 1 YAML type...
UBUNTU-CVE-2013-1800
The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for 1 YAML type...
CVE-2013-1800
CVE-2013-1800 concerns the crack gem for Ruby (0.3.1 and earlier). The issue arises from improper restriction of casts of string values, enabling potential object-injection and arbitrary code execution, or a denial of service, via Action Pack support for YAML type conversion or Symbol type conver...
[Hash Kracker Console] Tool to find out the password from the Hash
Hash Kracker Console is the all-in-one command-line tool to find out the password from the Hash. Currently it supports password recovery from following popular Hash types MD5 SHA1 SHA256 SHA384 SHA512 Also it offers 4 types of Password Recovery methods based on the complexity of password Dictiona...
CVE-2013-1800 rubygem-crack: YAML parameter parsing vulnerability
The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for 1 YAML type...
Tool Aids in Cracking Mysterious Gauss Malware Encryption
The mystery wrapped inside a riddle that is the Gauss malware’s encryption scheme may be closer to falling. Late last week, researcher Jens Steube, known as Atom, put the wraps on a tool that should bring experts closer to breaking open the encryption surrounding the espionage malware’s payload...
Windows 8 Security flaw : Logon Passwords Stores in Plain Text
Windows 8 is the first operating system from Microsoft to support alternative non-biometric authentication mechanisms such as Picture Password and PIN. A vulnerability discovered by a password security vendor - "Passcape" in Microsoft's Windows 8 operating system that it saves a log on password i...
Authentication Capture: MySQL
This module provides a fake MySQL service that is designed to capture authentication credentials. It captures challenge and response pairs that can be supplied to Cain or JtR for cracking. This module requires Metasploit: https://metasploit.com/download Current source:...
Oracle Password Hashdump
This module dumps the usernames and password hashes from Oracle given the proper Credentials and SID. These are then stored as creds for later cracking using auxiliary/analyze/jtroraclefast. This module supports Oracle DB versions 8i, 9i, 10g, 11g, and 12c. This module requires Metasploit:...
Topsi SQL Injection
|=----=----=----=----=----=--------=| | | | /\ /\ \ /\ /\ \ | | //\ /\ \ \L\ \ \ \ \ Turki$ hackers | | \ \ \ \ \ '\ \ \ | | \ \ \ \ \ \L\ \ \ \ \ \ | | \ \ \ / \ \ \ | | // // //// | | | | | |=----=----=----=----=----=--------=|...
Armitage 07.12.11 - Updated Version
Armitage 07.12.11 - Updated Version Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand...
Crack jsky 3.5.1 domain constraints of the method-vulnerability warning-the black bar safety net
| Recently many people add QQ ask me to, in fact I have no cracked version, is to amuse everyone play, but is actually very simple you can hack domain name restrictions of the method Official download address: the trial version I was the first to open as Shadow Defender is such a shadow system,...
Sqlmap v.0.9 - automatic SQL injection and database takeover tool !
Sqlmap v.0.9 - automatic SQL injection and database takeover tool ! sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a kick-ass detection engine, many niche features for...
ZeuS Source Code Leaked, Available for Sale !
ZeuS Source Code Leaked, Available for Sale ! The source is C++ and supposedly contains everything. The seller is asking for 5500 WebMoney/LibertyReserve for the full source code of version 2.0.8.9. The source code has been leaked but the archive is password-protected. Now there's a race to see w...
Intel Finds BluRay HDCP Crack
Intel has confirmed Blu-ray HDCP encryption is cracked after admitting a leaked master key is the real deal. High-bandwidth Digital Content Protection HDCP copy protection technology is designed to protect high-definition video content as it travels across digital interfaces. Read the full...
Struts2/XWork < 2.2.0 remote execution of arbitrary code vulnerability analysis and patch-vulnerability warning-the black bar safety net
Neeao's Blog http://neeao.com/ : 1. exploit-db website on 7 month 1 4 day broke aStruts2 remote execution of arbitrary code vulnerabilityvulnerability, hazard of large, can be described as a crack shot, directly to the root, as long as the use Struts2 and webwork framework of the system for the...