Branches
Comments
[»]
Mingw support
by Bernardo Reino (Lepton) - Sep 2nd 2004 16:10:08
I've done a couple of changes in sha1.h, md5.c solving some compatibility
problems.
Also, LCrack can now be compiled under the MINGW environment
(gettimeofday() is now implemented for MingW, and %llu is replaced by %I64u
-- don't worry, it's all #ifdef'd, so Unix/Linux/Cygwin works like
always..)
[reply]
[top]
[»]
Improvements and new features..
by Bernardo Reino (Lepton) - Sep 2nd 2004 12:55:10
Hi all,
After a long time, I'm back with lcrack :)
The regex's are now enumerated in increasing-length order, and the speed
penalty is very small (if you prefer the 'old' way of enumerating regex's,
use the '-g#' switch instead of '-g')
I've also added a separate 'regex' program that enumerates the expression
(with the 'usual' -s, -l and -g[#]) and dumps it to stdout..
I'm now also making a program called 'mktbl' that generates pre-computed
tables for faster cracking. Input is stdin (one word per line), and output
is a binary file suitable for use with '-xf+ -t' in lcrack. The program is
already finished, but I'm testing it..
I still haven't integrated my version with Bruneti's improvements, but
hopefully I'll take care of that soon..
I will shortly update the lycos site and the stuff here..
Lepton.
[reply]
[top]
[»]
Hi from Argentina!!!!!
by Lord Cheseline - Aug 11th 2004 01:55:33
Hello Mike!
Wonderful to see that you are still active with the tool.
Greetings from one of your students @CIUA!
CU
Lord Cheseline
aka Umpy ;-)
[reply]
[top]
[»]
Re: Hi from Argentina!!!!!
by Nekromancer - Aug 11th 2004 02:36:51
Hi Umpy
Nice to "see" you here ;-)
Are you "still in the business"? email me privately please.
Cheers,
Nekromancer
[reply]
[top]
[»]
Can you make it faster?
by Erman - Aug 11th 2004 01:19:09
I regularly use John The Ripper, mainly because is 8 times faster than
lcrack, but it lacks regex and sha-1 support.
[reply]
[top]
[»]
Re: Can you make it faster?
by Nekromancer - Aug 11th 2004 02:35:44
Hi Erman,
I ALSO use John the Ripper when bruteforce cracking speed or password
mangling is a must ;-)
I use Lepton's Crack for the features that make it unique:
a) REGEX support (see the link to the demo above)
b) Lotus Domino R4 support
c) SHA-1 support
Answering your question, the code is almost as fast as possible using pure
C language (OK, someone can improve it, for sure ;-)
To make it faster, portions of it have to be coded in machine language,
thus losing portability, and it's definitely not our intention to do that
in the inmediate future.
Cheers,
Nekromancer
[reply]
[top]
[»]
About the use of wildcards in the REGEX functionality
by Nekromancer - Aug 10th 2004 03:52:02
Well... I don't know if some people discovered that, but we never mentioned
this in the documentation ;-)
Lepton's Crack 20030404 and newer HAS wildcard support in the REGEX
functionality, that allows variable length support.
In this case, the -l modifier (normally used to specify the maximum length
to try for the entire password) has a slightly different meaning. It
specifies the length of the variable (wildcard) section.
Example:
For some strange reason, I know that a password starts with sjk (not sure
about the case), but I'm not sure what come after that or how many keys
were pressed, and it ends with 56.
./lcrack -m nt4 -g [sS][jJ][kK][*][5][6] -xb+ -l 4 crackme.txt
This will scan passwords with up to 4 characters in the wildcard
position.
./lcrack -m nt4 -g [sS][jJ][kK][*][5][6] -xb+ -l 8 crackme.txt
This will scan passwords with up to 8 characters in the wildcard position,
and will take loooong.
All other characters will follow the standard REGEX rules:
1st character: s or S
2nd character: j or J
3rd character: k or K
last 2 characters: 56
The reason it will take long in the second example is because currently
lcrack starts testing with the longest string, and proceeds down to 1
character.
That means that:
a) we've to change the routine to start with the shortest string, and
proceed up to the longest
b) in the mean time, it's better for you if you start with a short string,
and if there's no match try a longer one, sorry!
Cheers,
Nekromancer
[reply]
[top]
[»]
Crack mode in latest development branch (20031130)
by Nekromancer - Jul 30th 2004 05:44:14
Piero changed the default crack mode to NONE in engine.c
That means that you HAVE to specify at least 1 cracking mode with:
-xl+ : login mode
-xf+ : fast word list mode
-xs+ : smart word list mode
-xb+ : brute-force mode
Of course you can specify more than one (example):
./lcrack -m dom -xl+ -xb+ hashes.txt
will try login mode first, then incremental (bruteforce).
[reply]
[top]
[»]
Solving compiling problems with gcc 3.x
by Nekromancer - Jul 30th 2004 05:39:19
As mentioned in Lepton's Crack original site
(http://usuarios.lycos.es/reinob/):
If you run into problems trying to compile it with gcc 3.x, modify the
file sha1.h as follows (i.e.: remove the old code, put in the new
one):
OLD CODE:
#ifdef __USE_ISOC99
#include <stdint.h>
#else
/*
* If you do not have the ISO standard
* stdint.h header file, then you
* must typdef the following:
* name meaning
* uint32_t unsigned 32 bit integer
* uint8_t unsigned 8 bit integer (i.e., unsigned char)
* int_least16_t integer of >= 16 bits
*
*/
typedef unsigned int uint32_t;
typedef unsigned char uint8_t;
typedef short int int_least16_t;
#endif
NEW CODE THAT WORKS:
#include <stdint.h>
[reply]
[top]
[»]
CLUSTER
by Gordon - Jul 23rd 2004 03:53:59
Can this program be clustered?
[reply]
[top]
[»]
Re: CLUSTER
by Nekromancer - Jul 23rd 2004 04:23:57
Hi Gordon,
The application itself doesn't contemplate clustering, but I did some
testing using clusterKnoppix and splitting the file with the hashes in as
many parts as nodes I had in the cluster.
With this setup, clusterKnoppix itself took care to migrate every instance
of lcrack into a sepparate node, and all of them run at full speed.
In my opinion is the best way to "clusterize" Lepton's Crack.
Cheers,
Nekromancer
[reply]
[top]
[»]
New version with LM support, appending and prepending, etc.
by Nekromancer - Jul 22nd 2004 07:59:33
All this can be found in the latest and greatest in Piero Brunati's website
at:
http://www.nestonline.com/lcrack/
I strongly suggest that everyone interested in the use of the REGEX
functionality (probably the most interesting one in Lepton's Crack) has to
read the paper "An Experiment with Lepton's Crack" by Piero
Brunati:
http://www.nestonline.com/lcrack/lcexp1.html
Finally, for the clickies, enjoy the frontend programmed by Matteo
Brunati:
http://www.nestonline.com/lcrack/lcFE.htm
Cheers!
Nekromancer
[reply]
[top]
[»]
The development continues...
by Nekromancer - Apr 14th 2004 05:48:47
But now is in the hands of Piero Brunati and his son Matteo.
They've implemented the cracking of non-visible characters in LM hashes
(in fact the whole character set 0-255), wrote some nice documentation, and
a very good graphical frontend.
Thanks Piero and Matteo!
[reply]
[top]
[»]
Testing REGEX on development version
by Nekromancer - Apr 22nd 2003 01:43:55
I'm testing this functionality, but of course we'll be very happy to
receive information about any errors in the development version in the
email specified in the README.Developers ;-)
[reply]
[top]
[»]
Re: Testing REGEX on development version
by Ernie Hammond - Jun 6th 2003 07:38:36
Has been using it for a while without a glitch.
[reply]
[top]
[»]
Suggestion for TODO list
by Nube9 - Jan 21st 2003 01:11:22
The program is just excellent, but I'll love if it has some
"resume" functionality to stop the cracking and continue later.
[reply]
[top]
[»]
Re: Suggestion for TODO list
by Nekromancer - Jan 21st 2003 04:46:43
Well... this is in an unwritten TODO list ;-)
[reply]
[top]
[»]
Congratulations
by RockDaHouse - Jan 14th 2003 00:47:03
K00l guys. Keep adding more modules. This program is wonderful.
[reply]
[top]
[»]
Re: Congratulations
by DarkZide - Jan 14th 2003 06:51:37
Perhaps it would be better if we try to help... it's Open Source, isn't it?
;-D
[reply]
[top]
[»]
Re: Congratulations
by Nekromancer - Jan 14th 2003 10:22:19
Yes, it's Open Source under GPL.
And all of us around the world can help to make this program as powerful
and useful as we want.
Thanks for the comments!
[reply]
[top]
[»]
Developers are welcomed
by Nekromancer - Jan 7th 2003 08:27:45
Specially if anyone is willing to create a "standard" configure
script that uses autoconf and the like ;-)
Thank you in advance!
[reply]
[top]
[»]
Update
by Bernardo Reino (Lepton) - Dec 30th 2002 16:58:42
Support for SHA-1 hashes has been added, thanks to
a patch contributed by Burcin Erocal.
[reply]
[top]
|
