When running SQLDict on Backtrack Linux it is possible to run into an issue where SQLDict crashes when loading the password file. The issue appears to be that the SQLDict executable is expecting the password file to have a file ending on it no matter what it is and if not it causes SQLDict and…
SQLDict servers one purpose which is to brute force Microsoft SQL Server passwords. The easiest way to launch SQLDict is using the Backtrack navigation menu which launches the SQLDict.exe application using wine. The interface is easy to use as shown in the below example images.
So many of the DNS enumeration scripts available in backtrack focus on typical DNS but reverseraider does what it sounds like it might do which is enumerate reverse DNS names. Enumerating reverse DNS on an IP or set of IP’s can sometimes reveal information you did not previously have. It is possible to be targeting…
Awhile back purehate and myself started writing articles related to Backtrack in an attempt to write a single article about each application available within Backtrack 4. Things came up and we never accomplished that goal so here we go again with a second attempt to write a single article for every Backtrack application. If you…
Recently I needed to find out information about a Juniper router password which is stored as a hash in the router configuration. The tricky part is while the password hash is technically a MD5 hash it is modified to make it unique and make it harder to crack. Luckily there is a way to crack…
Cisco devices running the Cisco IOS have three types of ways to display passwords in the device configuration which include Type 0, Type 5, and Type 7. Below we describe all three methods of storing passwords in the Cisco IOS device configuration and how to obtain the password from each method either by simply reading…
The below article explains how I used password fingerprinting to crack 500,000 password hashes in less than half a day completly automated. This article shows each command step by step, but only to describe the details of how password fingerprinting with oclHashcat works. The reality is that the password fingerprinting process can easily be automated…
Today I will be reviewing Dnsmap from the Backtrack 4 Distribution. Dnsmap was originally released back in 2006 and has become a standard tool included is every backtrack release. There are other tools which preform the same tasks but I am a firm believer that a pentester/hacker should have the choice of as many tools…
I get really sick of trying to remember all the commands I use to work with wordlists so I had some free time and decided to finally get it all in one place. I started out just gathering all my notes in a text file but then I decided to code up a menu to…