Security of Information, Threat Intelligence, Hacking, Offensive Security, Pentest, Open Source, Hackers Tools, Leaks, Pr1v8, Premium Courses Free, etc

Showing posts with label Cryptography. Show all posts

Wednesday, January 27, 2016

EncFS and TrueCrypt for Android - Cryptonite



Cryptonite brings EncFS and TrueCrypt to Android. You can browse, export and open EncFS-encrypted directories and files on your Dropbox and on your phone. On rooted phones that support FUSE (e.g. CyanogenMod) you can also mount EncFS and TrueCrypt volumes. TrueCrypt is only available as a command-line version at this time.


Cryptonite is an Android app that brings the FUSE-based cryptographic filesystem EncFS and TrueCrypt to Android. You can link it to your Dropbox account with a single tap; after that you will be able to read and write on Dropbox EncFS volumes, exporting, viewing or uploading new files. Dropbox claims to keep data encrypted on its servers, but anyone who finds out your account password will be able to read the files. By encrypting them with Cryptonite you place a second security layer on top and block Dropbox's built-in backdoor to your data.


To access your files offline, sync them to a local folder with an app that provides online storage synchronization, e.g. FolderSync. EncFS has a front-end interface, but TrueCrypt is only available as a command-line version. Rooted phones that support the FUSE kernel, e.g. CyanogenMod, can mount an EncFS or TrueCrypt volume. There is a TrueCrypt workaround that avoids having to use a rooted file browser, by typing:

truecrypt --fs-options="uid=1000,gid=1000,umask=0002" volume.tc /sdcard/tc

EncFS uses the encryption ciphers found in the system encryption libraries. Cryptonite lets you select the encryption method, from a “Quick” Blowfish 128-bit up to a “Paranoia” AES 256-bit with filename block encoding. Other preferences include saving temporary files on an external SD card, setting up the mount storage point, clearing the cache, and the “Chuck Norris mode” for experienced users who do not want to receive any security warning from the app.



You can browse, export and open encrypted EncFS directories and files on your Dropbox and on your phone. When you open a file from a decrypted EncFS volume, Cryptonite produces a temporary copy in “/data/data/csh.cryptonite/app_open/path_to_your_file”, and anyone with access to your phone could recover those files. The app includes a text viewer that works in memory and does not save any temporary copy. There are plans to add an image viewer in the future, but right now there isn’t one, so if you open an image a temporary copy could be made on the phone outside the encrypted container.




Sunday, January 24, 2016

GPU Password Auditing - Cryptohaze



Cryptohaze is the home of high performance, open source, network-enabled, US-based cross-platform GPU and OpenCL accelerated password auditing tools for security professionals. Currently, many security professionals are at a serious disadvantage in auditing as they cannot submit hashes to online hash databases due to the terms of their auditing agreement. Cryptohaze tools are aimed at providing high quality tools that run on any platform – Windows, Linux, or OS X. The tools run on all platforms that support CUDA or OpenCL (currently Windows, Linux, OS X). If you don’t have a GPU – the OpenCL code will run just fine on your host CPU!






The Cryptohaze tools are designed for both nVidia based graphics cards, and OpenCL devices (nVidia and ATI/AMD graphics cards, and Intel/AMD CPUs). Right now, the old Multiforcer requires CUDA support (so nVidia cards only), but the rainbow table tools and the new Multiforcer work on anything with a CPU, including Atom based devices. For best performance, a top of the line ATI card is recommended. nVidia cards simply do not have the hash performance of ATI right now. The tools do support BFI_INT and other ATI-specific operations to improve performance rather significantly over nVidia cards. That said, if you value your sanity, nVidia may be a better option for these tools. ATI’s driver support, especially under Linux, leaves much to be desired and they do not seem to care to fix it. nVidia support is reliable, tested, and is less likely to leave you balding. And the uptime of an nVidia server may compensate for the reduced performance.


Cryptohaze Multiforcer

The Cryptohaze Multiforcer is a high performance CUDA password cracker that is designed to target large lists of hashes. Performance holds very solid with large lists, such that on a suitable server, cracking a list of 1 000 000 passwords is not significantly slower than cracking a list of 10. For anyone who deals with large lists of passwords, this is a very useful tool! Algorithm support includes MD5, NTLM, LM, SHA1, and many others.

Multiforcer New (MFN)

The Multiforcer New is a total ground up rewrite of the Cryptohaze Multiforcer with CUDA, OpenCL, and CPU (SSE/AVX/etc) support. It remains focused on brute forcing large hash lists, and scales very well. It also is designed for network clustering of machines – no longer are you limited to running your hashes with a single machine! Other tools have varying levels of network support, but Cryptohaze is the only open source tool with easy to use built in networking.

Cryptohaze GPU Rainbow Tables

There has been very little development in the promising Rainbow Table technology over the past several years. Cryptohaze GPU Rainbow Tables are a totally fresh implementation of rainbow tables, leveraging the strengths of nVidia GPUs and OpenCL devices to allow for much larger table spaces and coverage. While the stock RainbowCrack tables use chain lengths of 10 000, the Cryptohaze tables use a chain length of 200 000. This allows much larger attack spaces – NTLM tables for full US charset (95 characters) length 8 are available, and other tables will become available as they are created. While doing this, cracking times on a high performance server remain very reasonable – in some cases, under 2 minutes per password!


OpenCL support is present for the rainbow table tools, and is present in the new alpha Multiforcer. If you are interested in helping to port the tools to OpenCL, drop the author a line!




Saturday, January 23, 2016

TrueCrypt brute-force password cracker - TrueCrack



TrueCrack is a brute-force password cracker for TrueCrypt volume files. It works on Linux and is optimized for Nvidia CUDA technology.



Algorithms:

ºPBKDF2 (defined in PKCS5 v2.0) is based on RIPEMD160 Key derivation function.
ºXTS block cipher mode for hard disk encryption based on AES.


TrueCrypt brute-force password cracker:

ºDictionary attack: reads the passwords from a file containing only words (one password per line).
ºCharset attack: generates the passwords from a set of symbols defined by the user (for example: all possible strings of n characters from the charset “abc”).


Performance

The execution time of TrueCrack for a dictionary attack is (average word length 10 characters):

Words     CPU 3.00GHz    GTX650        GTX680
1000       0m 12.031s    0m  3.771s    0m  2.693s
10000      2m  0.421s    0m 15.893s    0m  5.628s
100000    20m  3.811s    2m 20.379s    0m 37.610s


Dictionary attack:

truecrack -t truecrypt_file -w passwords_file [-k ripemd160 | -k sha512 | -k whirlpool] [-e aes | -e serpent | -e twofish] [-a blocks] [-b] [-H] [-r number]


Alphabet attack:

truecrack -t truecrypt_file -c alphabet [-s minlength] -m maxlength [-k ripemd160 | -k sha512 | -k whirlpool] [-e aes | -e serpent | -e twofish] [-a blocks] [-b] [-H] [-r number]


Usage

-h --help Display this information.
-t --truecrypt <truecrypt_file> Truecrypt volume file.
-k --key <ripemd160 | sha512 | whirlpool> Key derivation function (default ripemd160).
-e --encryption <aes | serpent | twofish> Encryption algorithm (default aes).
-a --aggressive <blocks> Number of parallel computations (board dependent).
-w --wordlist <wordlist_file> File of words, for Dictionary attack.
-c --charset <alphabet> Alphabet generator, for Alphabet attack.
-m --maxlength <maxlength> Maximum length of passwords, for Alphabet attack.
-s --startlength <minlength> Starting length of passwords, for Alphabet attack (default 1).
-r --restore <number> Restore the computation.
-b --backup Backup header instead of volume header.
-H --hidden Hidden Truecrypt volume.
-v --verbose Show verbose messages.


How To Install

cd truecrack
./configure
make
sudo make install


How To Configure

./configure
--enable-debug : enable nVidia CUDA debug mode [default=no]
--enable-cpu : disable cuda nvidia GPU and use CPU [default=no]
--with-cuda=PATH : prefix where cuda is installed [default=auto]




Wednesday, January 20, 2016

Extreme GPU - Bruteforcer


Extreme GPU Bruteforcer is a professional solution for the recovery of passwords from hashes using GPU. The software supports hashes of the following types: MySQL, MySQL5, DES(Unix), MD4, MD5, MD5(Unix), MD5(APR), MD5(phpBB3), MD5(WordPress), LM, NTLM, SHA-1 and many others.

On modern graphics cards from NVIDIA that support the CUDA technology, the software demonstrates outstanding operation speed. For example, an average attack speed on NVIDIA GTS250 is 420 million passwords per second for MD5 hashes, 700 million passwords per second for MySQL hashes and 550 million passwords per second for NTLM hashes.





Extreme GPU Bruteforcer Features: 

ºSupports over 300 hashing algorithms.
ºContains over 50 additional utilities for handling hashes, passwords, and dictionaries.
ºUnlimited loadable hashes, dictionaries, rules, and masks.
ºMultithreading.
º64 bits.
ºMaximum optimization for working with large hash lists.
ºMaximum optimization for working with dictionaries.
ºOptimization for newest CPU.
ºHashing modules as stand-alone DLL files.
ºConvenient control over operation using command files.
ºHEX user names and salts.
ºRecovery of Unicode passwords.
ºAnd much more.


The solution implements several unique attacks, including mask and dictionary attacks, which allow recovering even the strongest passwords incredibly fast. Utilizing the power of multiple graphics cards running simultaneously (supports up to 32 GPU), the software allows reaching incredible search speeds of billions of passwords per second!


The number of salted hashes the software can handle simultaneously: 800; the number of unsalted hashes: unlimited




Rainbow Tables Hash Cracker - RainbowCrack



RainbowCrack uses a time-memory tradeoff algorithm to crack hashes. It differs from hash crackers that use a brute force algorithm. A brute force hash cracker generates all possible plaintexts and computes the corresponding hashes on the fly, then compares them with the hash to be cracked. Once a match is found, the plaintext is found.




RainbowCrack is a general-purpose implementation of Philippe Oechslin’s faster time-memory trade-off technique. It cracks hashes with rainbow tables, using a time-memory trade-off algorithm rather than brute force.

A brute force hash cracker generates all possible plaintexts and computes the corresponding hashes on the fly, then compares them with the hash to be cracked. Once a match is found, the plaintext is found. If all possible plaintexts are tested and no match is found, the plaintext is not found. With this type of hash cracking, all intermediate computation results are discarded.

A time-memory trade-off hash cracker needs a pre-computation stage, in which all plaintext/hash pairs within the selected hash algorithm, charset and plaintext length are computed and the results are stored in files called rainbow tables. This kind of computation is time consuming. But once the one-time pre-computation is finished, hashes stored in the table can be cracked with much better performance than a brute force cracker.

In this project, we focus on the development of optimized time-memory trade-off implementation. GPU acceleration is another key feature of RainbowCrack software. By offloading most runtime computation to NVIDIA GPU, overall hash cracking performance can be improved further.

Several TB of generated rainbow tables for LM, NTLM, MD5 and SHA1 hash algorithms are listed in this page
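
The pre-computation and lookup stages described above, as an added Python example that is not RainbowCrack's code. It assumes a constructed toy keyspace (4-digit PINs, MD5) and a hypothetical reduction function, and it goes one step beyond the page by showing that the same table misses a salted hash of a covered plaintext.

```python
import hashlib

# Constructed toy parameters (assumptions, not RainbowCrack's): 4-digit PINs, MD5.
LENGTH = 4
KEYSPACE = 10 ** LENGTH
CHAIN_LEN = 50      # hash/reduce steps per chain
NUM_CHAINS = 600    # chains kept in the table


def md5(plain: str, salt: str = "") -> bytes:
    return hashlib.md5((salt + plain).encode()).digest()


def reduce(digest: bytes, column: int) -> str:
    """Map a digest back into the keyspace, with a different mapping per column."""
    n = (int.from_bytes(digest[:8], "big") + column) % KEYSPACE
    return f"{n:0{LENGTH}d}"


def chain_start(i: int) -> str:
    """Hypothetical start-point schedule: 600 distinct PINs."""
    return f"{(i * 7919) % KEYSPACE:0{LENGTH}d}"


def build_table() -> dict:
    """Pre-computation stage: walk every chain, keep only end -> [starts]."""
    table = {}
    for i in range(NUM_CHAINS):
        plain = chain_start(i)
        for col in range(CHAIN_LEN):
            plain = reduce(md5(plain), col)
        table.setdefault(plain, []).append(chain_start(i))
    return table


def lookup(table: dict, target: bytes):
    """Lookup stage: return the plaintext for target, or None if not covered."""
    for col in range(CHAIN_LEN - 1, -1, -1):
        # Assume target is the hash at this column and walk to the chain end.
        plain = reduce(target, col)
        for c in range(col + 1, CHAIN_LEN):
            plain = reduce(md5(plain), c)
        # An end-point hit can be a false alarm, so regenerate and confirm.
        for start in table.get(plain, []):
            cand = start
            for c in range(CHAIN_LEN):
                if md5(cand) == target:
                    return cand
                cand = reduce(md5(cand), c)
    return None


if __name__ == "__main__":
    table = build_table()
    stored = sum(len(v) for v in table.values())
    print(f"stored {stored} chain starts for a keyspace of {KEYSPACE}")
    pin = chain_start(42)
    print("unsalted hash:", lookup(table, md5(pin)))
    print("salted hash:  ", lookup(table, md5(pin, salt="Zq")))
```

Only the chain starts and end points are stored, which is the memory side of the trade-off. The table is valid solely for the hash function, charset and length it was built for, which is why a per-user salt takes a stored hash out of its coverage.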


Features:

ºFull time-memory tradeoff tool suites, including rainbow table generation, sort, conversion and lookup
ºSupport rainbow table of any hash algorithm
ºSupport rainbow table of any charset
ºSupport rainbow table in raw file format (.rt) and compact file format (.rtc)
ºComputation on multi-core processor support
ºComputation on GPU (via NVIDIA CUDA technology) support
ºComputation on multi-GPU (via NVIDIA CUDA technology) support
ºRuns on Windows operating systems
ºWindows XP 32-bit / 64-bit
ºWindows Vista 32-bit / 64-bit
ºWindows 7 32-bit / 64-bit
ºWindows 8 32-bit / 64-bit
ºRuns on Linux operating systems (x86 and x86_64)
ºUnified rainbow table file format on all supported operating systems
ºCommand line user interface
ºGraphics user interface (Windows only)



Tuesday, January 19, 2016

Wordlist Generator - Crunch





Crunch is a wordlist generator for which you can use a standard character set or specify your own. Crunch can generate all possible combinations and permutations.


Features

ºcrunch generates wordlists in both combination and permutation ways
ºit can breakup output by number of lines or file size
ºnow has resume support
ºpattern now supports number and symbols
ºpattern now supports upper and lower case characters separately
ºadds a status report when generating multiple files
ºnew -l option for literal support of @,%^
ºnew -d option to limit duplicate characters see man file for details
ºnow has unicode support



MD5 Online Password Cracking - md5cracker




md5cracker.sh is a shell script that connects to various online resources to look up the plaintext corresponding to a provided MD5 hash.


Installation

$ cd /usr/local/bin/
$ sudo wget http://packetstormsecurity.org/Crackers/md5cracker.sh.txt
$ sudo mv md5cracker.sh.txt md5cracker
$ sudo chmod +x md5cracker


Usage

$ md5cracker 8d3533d75ae2c3966d7e0d4fcc69216b


=> Md5 Online Cracker
=> FuRt3X ~> blkhtc0rp@yahoo.com.br


[*] www.md5crack.com: charley
[*] md5.hashcracking:   charley
[*] md5hood.com: charley
[*] md5.gromweb.com:   charley
[*] md5-db.de:  charley
[*] md5.thekaine.de:  OCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">404 Not FoundNot FoundThe requested URL /decode_multi.php was not found on this server.
[*] passcracking.com:  charley
[*] md5-decrypter.com:   charley
[*] www.bigtrapeze.com:  charley





Encrypt Your Network Traffic - Tcpcrypt



Tcpcrypt is a protocol that attempts to encrypt (almost) all of your network traffic. Unlike other security mechanisms, Tcpcrypt works out of the box: it requires no configuration, no changes to applications, and your network connections will continue to work even if the remote end does not support Tcpcrypt, in which case connections will gracefully fall back to standard clear-text TCP. Install Tcpcrypt and you’ll feel no difference in your every day user experience, but yet your traffic will be more secure and you’ll have made life much harder for hackers.

So why is now the right time to turn on encryption? Here are some reasons: 

ºIntercepting communications today is simpler than ever because of wireless networks. Ask a hacker how many e-mail passwords can be intercepted at an airport by just using a wifi-enabled laptop. This unsophisticated attack is in reach of many. The times when only a few elite had the necessary skill to eavesdrop are gone.

ºComputers have now become fast enough to encrypt all Internet traffic. New computers come with special hardware crypto instructions that allow encrypted networking speeds of 10Gbit/s. How many of us even achieve those speeds on the Internet or would want to download (and watch) one movie per second? Clearly, we can encrypt fast enough.

ºResearch advances and the lessons learnt from over 10 years of experience with the web finally enabled us to design a protocol that can be used in today’s Internet, by today’s users. Our protocol is pragmatic: it requires no changes to applications, it works with NATs (i.e., compatible with your DSL router), and will work even if the other end has not yet upgraded to tcpcrypt—in which case it will gracefully fall back to using the old plain-text TCP. No user configuration is required, making it accessible to lay users—no more obscure requests like “Please generate a 2048-bit RSA-3 key and a certificate request for signing by a CA”. Tcpcrypt can be incrementally deployed today, and with time the whole Internet will become encrypted.


How Tcpcrypt works

Tcpcrypt is opportunistic encryption. If the other end speaks Tcpcrypt, then your traffic will be encrypted; otherwise it will be in clear text. Thus, Tcpcrypt alone provides no guarantees—it is best effort. If, however, a Tcpcrypt connection is successful and any attackers that exist are passive, then Tcpcrypt guarantees privacy.

Network attackers come in two varieties: passive and active (man-in-the-middle). Passive attacks are much simpler to execute because they just require listening on the network. Active attacks are much harder as they require listening and modifying network traffic, often requiring very precise timing that can make some attacks impractical.

By default Tcpcrypt is vulnerable to active attacks—an attacker can, for example, modify a server’s response to say that Tcpcrypt is not supported (when in fact it is) so that all subsequent traffic will be clear text and can thus be eavesdropped on.

Tcpcrypt, however, is powerful enough to stop active attacks, too, if the application using it performs authentication. For example, if you log in to online banking using a password and the connection is over Tcpcrypt, it is possible to use that shared secret between you and the bank (i.e., the password) to authenticate that you are actually speaking to the bank and not some active (man-in-the-middle) attacker. The attacker cannot spoof authentication as it lacks the password. Thus, by default, Tcpcrypt will try its best to protect your traffic. Applications requiring stricter guarantees can get them by authenticating a Tcpcrypt session.
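
One way an application could authenticate a Tcpcrypt session with a shared password, as described above (an added Python example, not code from the tcpcrypt project). The session IDs are simulated with random bytes, and the function names, role labels, salt and PBKDF2 parameters are assumptions made for the illustration.

```python
import hashlib
import hmac
import os


def derive_key(password: str, salt: bytes) -> bytes:
    """Stretch the shared password; salt and iteration count are assumptions."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_tag(key: bytes, role: bytes, session_id: bytes) -> bytes:
    """Bind the shared secret to one session; the role label blocks reflection."""
    return hmac.new(key, role + b"|" + session_id, hashlib.sha256).digest()


def check_tag(key: bytes, role: bytes, session_id: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(make_tag(key, role, session_id), tag)


def handshake(pw_client, pw_server, sid_client, sid_server, salt):
    """Return (server_accepts_client, client_accepts_server)."""
    kc = derive_key(pw_client, salt)
    ks = derive_key(pw_server, salt)
    # Each side tags the session ID it sees locally and sends the tag across.
    client_tag = make_tag(kc, b"client", sid_client)
    server_tag = make_tag(ks, b"server", sid_server)
    # Each side checks the peer's tag against its own view of the session ID.
    return (check_tag(ks, b"client", sid_server, client_tag),
            check_tag(kc, b"server", sid_client, server_tag))


def simulated_session_id() -> bytes:
    # Stand-in for the per-connection session ID (length chosen for the demo).
    return os.urandom(20)


if __name__ == "__main__":
    salt = b"constructed-salt"
    sid = simulated_session_id()
    # Both ends of one encrypted session see the same ID.
    print("direct:        ", handshake("hunter2", "hunter2", sid, sid, salt))
    # Active attacker in the middle: two separate sessions, two different IDs.
    print("man-in-middle: ", handshake("hunter2", "hunter2",
                                       simulated_session_id(),
                                       simulated_session_id(), salt))
    # Peer that does not know the password.
    print("wrong password:", handshake("guess", "hunter2", sid, sid, salt))
```

With an active attacker in the middle each leg has its own session ID, so the relayed tags fail on both sides. For low-entropy passwords a password-authenticated key exchange is the safer choice, because a tag handed to an attacker can be tested against password guesses offline.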


Installing tcpcrypt

$ git clone git://github.com/scslab/tcpcrypt.git
$ cd tcpcrypt
$ ./bootstrap.sh
$ ./configure
$ make
$ sudo ./launch_tcpcryptd.sh


The launch script starts tcpcryptd and adds firewall rules to divert all TCP traffic — except that which is already encrypted, like SSH — to tcpcryptd. When the script exits (on Ctrl-C or kill), it restores your firewall config to its former state — no permanent changes are made.

On Linux, you must first install libnfnetlink, libnetfilter_queue, and libcap.

Optional: running make install will install libtcpcrypt and tcpcrypt headers, for building apps that use tcpcrypt’s session ID.


Try it out

Go to http://tcpcrypt.org/test.php with tcpcryptd running. If tcpcrypt is working, you’ll be able to join the tcpcrypt Hall of Fame and your tcpcrypt session ID will be displayed at the bottom of the page.

Now let’s examine the packets going over the wire by starting tcpdump and then reloading the URL above.

sudo tcpdump -X -s0 host tcpcrypt.org

Compare this tcpdump output, which appears encrypted (or at least unreadable), with the cleartext packets you would see without tcpcryptd running.

A final netcat example:

$ sudo ./launch_tcpcryptd.sh & 
$ nc -l 7777 &
$ sudo tcpdump -i lo -n -s0 -vvvv -X tcp port 7777 &
$ echo hello, world! | nc localhost 7777
# clean up
$ sudo killall tcpcryptd tcpdump


Troubleshooting

If it’s not working, the most likely causes are the following.

ºYour browser already had an open, non-tcpcrypted TCP connection to tcpcrypt.org before you ran the launch script. Quit and reopen your browser, wait 30 seconds, or use a different browser to retrieve the tcpcrypt.org URL.

ºThere’s a conflict with your existing firewall rules. See the firewall setup section in the install guide for your platform.




Copyright © Offensive Sec Blog | Powered by OffensiveSec