Information Security

Hashcat best64 Rule Details: Updated After The Best64 Challenge

Recently our friends working on the Hashcat projects had a open community challenge called The Best64 Challenge or TB64C. The reason being the fact that TB64C was to improve the most widely used ruleset that comes with all of the Hashcat products including oclHashcat-plus, oclHashcat-lite, hashcat, and hascat-gui. There is nothing better than when projects such as Hashcat get the community involved and what better way to do so than to provide a contest for people to provide feedback in the for of personal experience. Anyhow awhile back I wrote an article on tools.question-defense.com that described each of the best64 rules in more detail and there was a request for the article to be updated now that the ruleset has been improved. Below are the details of the new best64.rule file that will be released in all new releases of the Hashcat software line as of 04-21-2012.

Information Security

How To Tell Exactly How Many Spaces A ESSID Includes Using airodump-ng Or Wireshark

The other day I had a wireless network packet capture file saved as a .cap file. The ESSID that was displaying via normal aircrack-ng output of the WPA/WPA2 wireless packet capture lead me to believe there was at least one space included in the beginning of the ESSID and likely after the ESSID since it was not processing properly using oclHashcat-plus. I had never run into this before so wasn’t exactly sure the easiest way to figure out the number of spaces so I posed the question in the Freenode aircrack-ng IRC channel and got a couple responses which are noted below as well as instructions following the clearest solution.

Information Security

Crack Cisco IOS Password Hashes, Crack Cisco Type 5 & Type 7 Password Hashes

Cisco devices running the Cisco IOS have three types of ways to display passwords in the device configuration which include Type 0, Type 5, and Type 7. Below we describe all three methods of storing passwords in the Cisco IOS device configuration and how to obtain the password from each method either by simply reading the password, by quickly converting the password from the Cisco defined encryption algorithm, or by cracking MD5 UNIX password hashes.