Compile John the Ripper w/ Jumbo Patch (Updated for 1.7.7 & 1.7.8)

 Compiling, Configuration Tutorials, Installing & Using Tools  17 Responses »
Nov 162009
 

New Post – Now with GPU support.

9.19.2011 – Updated for latest openssl and john jumbo patch on Ubuntu Natty Narwhal 11.4

Password cracking Windows hashes on Linux using John the Ripper (JtR). If you prefer the Linux operating system JtR is the password cracking utility to use. By default JtR does not support the hashes that we are interested in cracking. See below for installation and patching instructions for JtR.   Applying the patch to JtR adds the functionality to crack NTLM and MS-Cache passwords.  NOTE:  This install was done on Ubuntu 10.4 LTS but should work on any Linux system since we are compiling from source.
Continue reading »

Using Perl to Parse Nmap XML

 Scripts  4 Responses »
Nov 062009
 

As an auditor I liked to quickly analyze my Nmap scan results by parsing the XML output produced and loading it into my favorite spreadsheet application.
From there I could sort by host, port, service, or operating system for analysis. The parsed results are a lot easier to add to reports and workpapers. Just remember to keep the original Nmap results.
I’ve developed a LAMP framework to parse and load Nmap results into a database for reporting and analysis. However if you are just looking to quickly parse the results of individual scans I’ve got a Perl script for you!
Continue reading »